urlscan.io logo urlscan.io
SecurityTrails logo

banking.sparda.at Open in urlscan Pro
193.110.183.229  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://banking.sparda.at/
Effective URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Submission: On February 23 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 193.110.183.229, located in Vienna, Austria and belongs to ARZ, AT. The main domain is banking.sparda.at.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 10th 2020. Valid for: 2 years.
This is the only time banking.sparda.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 193.110.183.229 24656 (ARZ)
4 193.110.183.241 24656 (ARZ)
19 2
Apex Domain
Subdomains		 Transfer
16 sparda.at
banking.sparda.at
1 MB
4 arz.at
analytics.arz.at — Cisco Umbrella Rank: 793683
82 KB
19 2
Domain Requested by
16 banking.sparda.at 1 redirects banking.sparda.at
4 analytics.arz.at banking.sparda.at
19 2

This site contains no links.

Subject Issuer Validity Valid
www.sparda.at
GeoTrust RSA CA 2018		 2020-03-10 -
2022-03-27		 2 years crt.sh
*.arz.at
GeoTrust RSA CA 2018		 2022-01-12 -
2023-02-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Frame ID: BCB06A5C428C1160A9C7A90FB128D70C
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://banking.sparda.at/ HTTP 302
    https://banking.sparda.at/banking/login.xhtml?m=44&f=2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1299 kB
Transfer

4397 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://banking.sparda.at/ HTTP 302
    https://banking.sparda.at/banking/login.xhtml?m=44&f=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.xhtml
banking.sparda.at/banking/
Redirect Chain
  • https://banking.sparda.at/
  • https://banking.sparda.at/banking/login.xhtml?m=44&f=2
22 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
0546967e6fc51b4f458b47364619c87360a97d1a112d61ac98eecd1ab807a5d9
Security Headers
Name Value
Content-Security-Policy default-src 'self' gap: about:; script-src 'self' gap: cordova: fonts.googleapis.com google.com maps.gstatic.com maps.googleapis.com gateway.webid-solutions.de webid-gateway.de *.ahoyrtc.com 'unsafe-eval' *.arz.at 'nonce-5f272a21b2214d32b380b7b7a309810e'; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.arz.at; img-src 'self' data: android-webview-video-poster: csi.gstatic.com maps.gstatic.com *.googleapis.com *.arz.at www.volksbank.at; font-src 'self' fonts.gstatic.com fonts.googleapis.com data: *.arz.at; connect-src 'self' blob: *.ahoyrtc.com wss://*.ahoyrtc.com gateway.webid-solutions.de webid-gateway.de *.arz.at; media-src 'self' *.ahoyrtc.com www.volksbank.at; object-src 'self'; child-src 'self'; frame-src 'self' gap: https://sign.prime-sign.com; frame-ancestors 'none'; form-action 'self' https://angebot.derfairecredit.at https://shop.ergo-versicherung.at; block-all-mixed-content; reflected-xss block; manifest-src 'self'; referrer origin; report-uri https://banking.sparda.at:443/banking/rest/cspreport?m=44&u=; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 23 Feb 2022 09:21:02 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000
Content-Type
text/html; charset=UTF-8
X-Frame-Options
DENY
Content-Security-Policy
default-src 'self' gap: about:; script-src 'self' gap: cordova: fonts.googleapis.com google.com maps.gstatic.com maps.googleapis.com gateway.webid-solutions.de webid-gateway.de *.ahoyrtc.com 'unsafe-eval' *.arz.at 'nonce-5f272a21b2214d32b380b7b7a309810e'; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.arz.at; img-src 'self' data: android-webview-video-poster: csi.gstatic.com maps.gstatic.com *.googleapis.com *.arz.at www.volksbank.at; font-src 'self' fonts.gstatic.com fonts.googleapis.com data: *.arz.at; connect-src 'self' blob: *.ahoyrtc.com wss://*.ahoyrtc.com gateway.webid-solutions.de webid-gateway.de *.arz.at; media-src 'self' *.ahoyrtc.com www.volksbank.at; object-src 'self'; child-src 'self'; frame-src 'self' gap: https://sign.prime-sign.com; frame-ancestors 'none'; form-action 'self' https://angebot.derfairecredit.at https://shop.ergo-versicherung.at; block-all-mixed-content; reflected-xss block; manifest-src 'self'; referrer origin; report-uri https://banking.sparda.at:443/banking/rest/cspreport?m=44&u=; upgrade-insecure-requests
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
strict-origin
Cache-Control
no-cache,no-store,must-revalidate,private
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Content-Language
en-US
Keep-Alive
timeout=15, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Date
Wed, 23 Feb 2022 09:21:02 GMT
Strict-Transport-Security
max-age=31536000
Location
https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Content-Length
242
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
jquery.min.js.xhtml
banking.sparda.at/banking/javax.faces.resource/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/javax.faces.resource/jquery/jquery.min.js.xhtml?ln=javascript&v=c8e1c8b386dc5b7a9184c763c88d19a346eb3342
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date
Wed, 23 Feb 2022 09:21:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 08 Feb 2022 08:05:02 GMT
Server
nginx
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Language
en-US
Cache-Control
public,max-age=2419200,must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15, max=100
Content-Length
30950
Expires
Wed, 23 Mar 2022 09:21:03 GMT
tracekit.js.xhtml
banking.sparda.at/banking/javax.faces.resource/errorhandling/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/javax.faces.resource/errorhandling/tracekit.js.xhtml?ln=javascript&v=343e2709cd8d0fb99bd2b22c500a04f3a71313a7
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
b6d5de19d64deac1185b2de989f4b4a0beaf537662c8e2dfe1fd7d6b641fc89c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date
Wed, 23 Feb 2022 09:21:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 21 Feb 2022 13:16:20 GMT
Server
nginx
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Language
en-US
Cache-Control
public,max-age=2419200,must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15, max=100
Content-Length
11381
Expires
Wed, 23 Mar 2022 09:21:03 GMT
jsfFix.js.xhtml
banking.sparda.at/banking/javax.faces.resource/jsf/ 		535 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/javax.faces.resource/jsf/jsfFix.js.xhtml?ln=javascript&v=a5395c3beb3bb877cd548eb61aee281b7653265e
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
feadef9af56dddcc5b6778586fb9f58cce59ac964ae1989d0e7ac44d45f83413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date
Wed, 23 Feb 2022 09:21:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Feb 2022 08:05:02 GMT
Server
nginx
X-Frame-Options
DENY
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Language
en-US
Cache-Control
public,max-age=2419200,must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15, max=100
Content-Length
251
Expires
Wed, 23 Mar 2022 09:21:03 GMT
jsf.js.xhtml
banking.sparda.at/banking/javax.faces.resource/ 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/javax.faces.resource/jsf.js.xhtml?ln=javax.faces&v=4bc5efca74234d36157a9f90e5f4ea398e3eb500
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
eafc9a42d19805e371bfe7c7976bebc34ee6bcd9892d589935ac6ce2af765ed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date
Wed, 23 Feb 2022 09:21:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 23 Jan 2019 18:00:36 GMT
Server
nginx
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Language
en-US
Cache-Control
public,max-age=2419200,must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15, max=100
Content-Length
34380
Expires
Wed, 23 Mar 2022 09:21:03 GMT
errorhandling.js.xhtml
banking.sparda.at/banking/javax.faces.resource/errorhandling/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/javax.faces.resource/errorhandling/errorhandling.js.xhtml?ln=javascript&v=245e2357e82a3d98392005d171aee1e9c348c5d5
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
264248b49bbbfea0befaefd4219eb53f2f2fe7ebf4810f2ed9ecaf68538923fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date
Wed, 23 Feb 2022 09:21:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Feb 2022 08:05:02 GMT
Server
nginx
X-Frame-Options
DENY
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Language
en-US
Cache-Control
public,max-age=2419200,must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15, max=100
Content-Length
618
Expires
Wed, 23 Mar 2022 09:21:03 GMT
errorhandlingJSF.js.xhtml
banking.sparda.at/banking/javax.faces.resource/errorhandling/ 		850 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/javax.faces.resource/errorhandling/errorhandlingJSF.js.xhtml?ln=javascript&v=c5015e9211724ca265984f5a4f0d37445cbc0734
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
a7f7f25202541f71d9f5ce92dec70dd1ac7cf0609c0ae077737b33f4bc6b2511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date
Wed, 23 Feb 2022 09:21:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Feb 2022 08:05:02 GMT
Server
nginx
X-Frame-Options
DENY
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Language
en-US
Cache-Control
public,max-age=2419200,must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15, max=99
Content-Length
413
Expires
Wed, 23 Mar 2022 09:21:03 GMT
fixviewstate.js.xhtml
banking.sparda.at/banking/javax.faces.resource/main/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/javax.faces.resource/main/fixviewstate.js.xhtml?ln=javascript&v=1714e594d8408b78678c6f699f10126f3df2d457
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
c41adcbdfa1815256772fda7e13c0e4552fa11df1af6d901f953c45bec170258
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date
Wed, 23 Feb 2022 09:21:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Feb 2022 08:05:02 GMT
Server
nginx
X-Frame-Options
DENY
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Language
en-US
Cache-Control
public,max-age=2419200,must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15, max=99
Content-Length
678
Expires
Wed, 23 Mar 2022 09:21:03 GMT
eNqVWN9z2zYM_osS3Ha9PfQtTdq1d-ma1entbm8QBUm0KVLhDzvO7Y8fKMuORNJO-yIB4EdYBD-AoNe4RSesHPx7oSRpv_LGYkuw0K7X7r91jkQfHMyVBLd-CmT3cHhdBXndS30Jcs0Qb4LoroagRfcmnI1GKam92UraleCu0hAfJftgdfuuNMD2otlhNJteywYFu...
banking.sparda.at/banking/javax.faces.resource/ 		2 MB
718 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/javax.faces.resource/eNqVWN9z2zYM_osS3Ha9PfQtTdq1d-ma1entbm8QBUm0KVLhDzvO7Y8fKMuORNJO-yIB4EdYBD-AoNe4RSesHPx7oSRpv_LGYkuw0K7X7r91jkQfHMyVBLd-CmT3cHhdBXndS30Jcs0Qb4LoroagRfcmnI1GKam92UraleCu0hAfJftgdfuuNMD2otlhNJteywYFufcnKUE7EsFKv5faDSS8NBpyUzIn6EoFGJ_JSI9SQ3xcDIVASz5BVMZ45y0OcJLeRlw5UvyF2ZKiUb4QnKSUE6avzGocrMwzLNUEK_UQ_CM9ezhJ5xC8LISFVkKSFnY_TO4-HpQSbkWCwwQzOUEp00r9ydgeXKh66e-P-gVvL89imzHMbMkq3MP0TkY1bmWLIzOm_euk41S7gHsVE0xtdloZrOEoJONe9mSCh-md8m4Y5zZS0Y-hMHsalz1XgW8D--Cdt-labU32juvEX3fWDLBUEywKzhcnK6k4G2ChfSY1ZL4ZYYL2H1ChFgRLNaUgemo5iMfCtFBLG3jHCDhJJcRn1DUXmJaDGypFt0qKzYOlLVe8fCfGGQ-d0ZPTUSwSR0kOEczkMr3Qig5m8nnUn8pUqCCznE08DN40RpTjstpJf_rlUU5QG1Sk4xKOQspb42UjxUhXdzMimMEFY8pl9PiIHGg4SSkfQsNVqnVkG3Qu8M5kll-fserRpokhOrZBJ9tulFxxmKrhtjRaoW1J1U50KjDBSUFmSbOUN2XHnuL3hRgaJ4ylC6AKxabK-TWHWNTt_uoNP5Tv7nw4yl9Rc_b3zPn0aDKcuVSh3nCKMJC0i3sLZ-wp1WJN-TGrL6FUgLh-xslSNwYm-QvL6fnkOVHR1p_UPta6pfor2Fgs6Jj1yURLtbR8oBkLr2LqfGxJInGZvbDQEuRguXGBzvfqIUrJaGesfDHao1qNPqaSUTan3zCgfZF89sJJ-pekV8RnDL2NfWTeuCbzyr83cH2G6Z1vUxOoJbvi_iam-Ze4o1A2Z9VkLNSSvjNSaUj0c-gbjWrvpIPMksxox1JIK24sCeZKgmss9fWGo0saZvI9kzJbb4NPB39HIY3rtpUiNn6Hd05BLhq8JwSv4s9gngIfQEzNjTuPPjbHHQ7kOtn4QmP8ZIWpeXtQS-bn398zbpo6bDwHFrkjgkllwnc6ZxvZrRR0KKq8YZAaUqYgV8B_pO_useLCuFRzVnk-MVQ8sr5FLimzg5Ix3Z1Yd-whw2Zy-uWcTX6Qemzy4KiNLWCpLYTSyOH2sz5egwqhbmLPwHkzvfP5Q2W4_MBJKvgY-NMao6R5ME4WOo_T-HhkjkdSXm16crKN155JSqMRD8HDQkdxjAq7UnzCZ5s4A-N4nXksdpcceCRPldR1PEyW6gdrdi4LyMUpK14Z1ZdneOOH4jlVU6QlzJXLnjiDfksQLzviKx_E1yfccPm_7UhsSsG5TyJ5M2SXr8P651zNTT_juhzIgvuAV1zkIzSnWDHV-qA89-aaPvI1e8h_o5G1-Z1bEUd_vFu7C4PBquLojruE4DtdHByfWX8az2v_gPvYj8BSfRj_DcgawHgq8NocnKQ0OfgSD_ExxeV_Bufc6Q.js.xhtml?ln=omnifaces.combined&v=9eaa7066975433ee72a31c885fb1c62da748b6af
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
ffeefd25cc2945dd87b7bf60cccd5d9e14eb414abe3a67016bd7e93de17f1a63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 09:21:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Length
732769
Pragma
Last-Modified
Tue, 08 Feb 2022 08:17:00 GMT
Server
nginx
ETag
W/"327140266-1644308220000"
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Language
en-US
Cache-Control
public,max-age=2419200,must-revalidate
Content-Type
application/x-javascript
Keep-Alive
timeout=15, max=99
Expires
Wed, 23 Mar 2022 09:21:03 GMT
main.css
banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/css/ 		2 MB
189 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/css/main.css
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
506aef46cc88790373216b1759d80865312a2d83729e0d1b3e49f99e0c7b5aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date
Wed, 23 Feb 2022 09:21:03 GMT
Content-Encoding
gzip
Server
nginx
X-Frame-Options
DENY
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Language
en-US
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=2419200,must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
text/css
Keep-Alive
timeout=15, max=98
Expires
Wed, 23 Mar 2022 09:21:03 GMT
a51981e5-0a46-4284-837b-acfdb1c505bf.js
analytics.arz.at/containers/ 		209 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.arz.at/containers/a51981e5-0a46-4284-837b-acfdb1c505bf.js
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/javax.faces.resource/eNqVWN9z2zYM_osS3Ha9PfQtTdq1d-ma1entbm8QBUm0KVLhDzvO7Y8fKMuORNJO-yIB4EdYBD-AoNe4RSesHPx7oSRpv_LGYkuw0K7X7r91jkQfHMyVBLd-CmT3cHhdBXndS30Jcs0Qb4LoroagRfcmnI1GKam92UraleCu0hAfJftgdfuuNMD2otlhNJteywYFufcnKUE7EsFKv5faDSS8NBpyUzIn6EoFGJ_JSI9SQ3xcDIVASz5BVMZ45y0OcJLeRlw5UvyF2ZKiUb4QnKSUE6avzGocrMwzLNUEK_UQ_CM9ezhJ5xC8LISFVkKSFnY_TO4-HpQSbkWCwwQzOUEp00r9ydgeXKh66e-P-gVvL89imzHMbMkq3MP0TkY1bmWLIzOm_euk41S7gHsVE0xtdloZrOEoJONe9mSCh-md8m4Y5zZS0Y-hMHsalz1XgW8D--Cdt-labU32juvEX3fWDLBUEywKzhcnK6k4G2ChfSY1ZL4ZYYL2H1ChFgRLNaUgemo5iMfCtFBLG3jHCDhJJcRn1DUXmJaDGypFt0qKzYOlLVe8fCfGGQ-d0ZPTUSwSR0kOEczkMr3Qig5m8nnUn8pUqCCznE08DN40RpTjstpJf_rlUU5QG1Sk4xKOQspb42UjxUhXdzMimMEFY8pl9PiIHGg4SSkfQsNVqnVkG3Qu8M5kll-fserRpokhOrZBJ9tulFxxmKrhtjRaoW1J1U50KjDBSUFmSbOUN2XHnuL3hRgaJ4ylC6AKxabK-TWHWNTt_uoNP5Tv7nw4yl9Rc_b3zPn0aDKcuVSh3nCKMJC0i3sLZ-wp1WJN-TGrL6FUgLh-xslSNwYm-QvL6fnkOVHR1p_UPta6pfor2Fgs6Jj1yURLtbR8oBkLr2LqfGxJInGZvbDQEuRguXGBzvfqIUrJaGesfDHao1qNPqaSUTan3zCgfZF89sJJ-pekV8RnDL2NfWTeuCbzyr83cH2G6Z1vUxOoJbvi_iam-Ze4o1A2Z9VkLNSSvjNSaUj0c-gbjWrvpIPMksxox1JIK24sCeZKgmss9fWGo0saZvI9kzJbb4NPB39HIY3rtpUiNn6Hd05BLhq8JwSv4s9gngIfQEzNjTuPPjbHHQ7kOtn4QmP8ZIWpeXtQS-bn398zbpo6bDwHFrkjgkllwnc6ZxvZrRR0KKq8YZAaUqYgV8B_pO_useLCuFRzVnk-MVQ8sr5FLimzg5Ix3Z1Yd-whw2Zy-uWcTX6Qemzy4KiNLWCpLYTSyOH2sz5egwqhbmLPwHkzvfP5Q2W4_MBJKvgY-NMao6R5ME4WOo_T-HhkjkdSXm16crKN155JSqMRD8HDQkdxjAq7UnzCZ5s4A-N4nXksdpcceCRPldR1PEyW6gdrdi4LyMUpK14Z1ZdneOOH4jlVU6QlzJXLnjiDfksQLzviKx_E1yfccPm_7UhsSsG5TyJ5M2SXr8P651zNTT_juhzIgvuAV1zkIzSnWDHV-qA89-aaPvI1e8h_o5G1-Z1bEUd_vFu7C4PBquLojruE4DtdHByfWX8az2v_gPvYj8BSfRj_DcgawHgq8NocnKQ0OfgSD_ExxeV_Bufc6Q.js.xhtml?ln=omnifaces.combined&v=9eaa7066975433ee72a31c885fb1c62da748b6af
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.241 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-241.arz.at
Software
Apache /
Resource Hash
77937c8ca76bfd7b8361617d187709daf029ecd4e34a020dce36f6e6f3e9a8c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 09:19:50 GMT
content-encoding
gzip
Server
Apache
vary
Accept-Encoding,Cookie
content-type
application/javascript; charset=utf-8
cache-control
public, must-revalidate, max-age=360
Transfer-Encoding
chunked
Connection
Keep-Alive
x-robots-tag
none
Keep-Alive
timeout=15, max=100
login-background.jpg
banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/images/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/images/login-background.jpg
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
dc894cced92e34c0c48e1e8ee15b2e8a8425eb044c4544b0a74cbd9040e026fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date
Wed, 23 Feb 2022 09:21:03 GMT
Strict-Transport-Security
max-age=31536000
Server
nginx
X-Frame-Options
DENY
Content-Language
en-US
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=2419200,must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
image/jpeg
Keep-Alive
timeout=15, max=98
Expires
Wed, 23 Mar 2022 09:21:03 GMT
logo.png
banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/images/logo.png
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
0493b3cfa97532194bdf29674e45216f98f69f2d6b5e7cd2548ca4a962483d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date
Wed, 23 Feb 2022 09:21:03 GMT
Strict-Transport-Security
max-age=31536000
Server
nginx
X-Frame-Options
DENY
Content-Language
en-US
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=2419200,must-revalidate
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=15, max=99
Content-Length
2084
Expires
Wed, 23 Mar 2022 09:21:03 GMT
login.xhtml
banking.sparda.at/banking/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/login.xhtml?f=2&m=44
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/javax.faces.resource/jsf.js.xhtml?ln=javax.faces&v=4bc5efca74234d36157a9f90e5f4ea398e3eb500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
e1c465183c7686da5ff0099a9949006b05907da547f00ca2147b84eba5e4861d
Security Headers
Name Value
Content-Security-Policy default-src 'self' gap: about:; script-src 'self' gap: cordova: fonts.googleapis.com google.com maps.gstatic.com maps.googleapis.com gateway.webid-solutions.de webid-gateway.de *.ahoyrtc.com 'unsafe-eval' *.arz.at 'nonce-47440fb8de404df0895092ed252edaf7'; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.arz.at; img-src 'self' data: android-webview-video-poster: csi.gstatic.com maps.gstatic.com *.googleapis.com *.arz.at www.volksbank.at; font-src 'self' fonts.gstatic.com fonts.googleapis.com data: *.arz.at; connect-src 'self' blob: *.ahoyrtc.com wss://*.ahoyrtc.com gateway.webid-solutions.de webid-gateway.de *.arz.at; media-src 'self' *.ahoyrtc.com www.volksbank.at; object-src 'self'; child-src 'self'; frame-src 'self' gap: https://sign.prime-sign.com; frame-ancestors 'none'; form-action 'self' https://angebot.derfairecredit.at https://shop.ergo-versicherung.at; block-all-mixed-content; reflected-xss block; manifest-src 'self'; referrer origin; report-uri https://banking.sparda.at:443/banking/rest/cspreport?m=44&u=; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer
https://banking.sparda.at/
Faces-Request
partial/ajax
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 23 Feb 2022 09:21:03 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-cache
Referrer-Policy
strict-origin
Server
nginx
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Language
en-US
Cache-Control
no-cache,no-store,must-revalidate,private, no-cache
Content-Security-Policy
default-src 'self' gap: about:; script-src 'self' gap: cordova: fonts.googleapis.com google.com maps.gstatic.com maps.googleapis.com gateway.webid-solutions.de webid-gateway.de *.ahoyrtc.com 'unsafe-eval' *.arz.at 'nonce-47440fb8de404df0895092ed252edaf7'; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.arz.at; img-src 'self' data: android-webview-video-poster: csi.gstatic.com maps.gstatic.com *.googleapis.com *.arz.at www.volksbank.at; font-src 'self' fonts.gstatic.com fonts.googleapis.com data: *.arz.at; connect-src 'self' blob: *.ahoyrtc.com wss://*.ahoyrtc.com gateway.webid-solutions.de webid-gateway.de *.arz.at; media-src 'self' *.ahoyrtc.com www.volksbank.at; object-src 'self'; child-src 'self'; frame-src 'self' gap: https://sign.prime-sign.com; frame-ancestors 'none'; form-action 'self' https://angebot.derfairecredit.at https://shop.ergo-versicherung.at; block-all-mixed-content; reflected-xss block; manifest-src 'self'; referrer origin; report-uri https://banking.sparda.at:443/banking/rest/cspreport?m=44&u=; upgrade-insecure-requests
Content-Type
text/xml;charset=UTF-8
Keep-Alive
timeout=15, max=98
Expires
Thu, 01 Jan 1970 00:00:00 GMT, -1
login.xhtml
banking.sparda.at/banking/ 		12 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/login.xhtml?f=2&m=44
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/javax.faces.resource/jsf.js.xhtml?ln=javax.faces&v=4bc5efca74234d36157a9f90e5f4ea398e3eb500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
d43dd38ebe286a7c55faba8f76be206c6dda1c23065c9dd81f947cd4e48d84d5
Security Headers
Name Value
Content-Security-Policy default-src 'self' gap: about:; script-src 'self' gap: cordova: fonts.googleapis.com google.com maps.gstatic.com maps.googleapis.com gateway.webid-solutions.de webid-gateway.de *.ahoyrtc.com 'unsafe-eval' *.arz.at 'nonce-1fca954ba3ae42988e32702b216ac182'; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.arz.at; img-src 'self' data: android-webview-video-poster: csi.gstatic.com maps.gstatic.com *.googleapis.com *.arz.at www.volksbank.at; font-src 'self' fonts.gstatic.com fonts.googleapis.com data: *.arz.at; connect-src 'self' blob: *.ahoyrtc.com wss://*.ahoyrtc.com gateway.webid-solutions.de webid-gateway.de *.arz.at; media-src 'self' *.ahoyrtc.com www.volksbank.at; object-src 'self'; child-src 'self'; frame-src 'self' gap: https://sign.prime-sign.com; frame-ancestors 'none'; form-action 'self' https://angebot.derfairecredit.at https://shop.ergo-versicherung.at; block-all-mixed-content; reflected-xss block; manifest-src 'self'; referrer origin; report-uri https://banking.sparda.at:443/banking/rest/cspreport?m=44&u=; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer
https://banking.sparda.at/
Faces-Request
partial/ajax
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 23 Feb 2022 09:21:03 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache, no-cache
Referrer-Policy
strict-origin
Server
nginx
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
Content-Language
en-US
Cache-Control
no-cache,no-store,must-revalidate,private, no-cache
Content-Security-Policy
default-src 'self' gap: about:; script-src 'self' gap: cordova: fonts.googleapis.com google.com maps.gstatic.com maps.googleapis.com gateway.webid-solutions.de webid-gateway.de *.ahoyrtc.com 'unsafe-eval' *.arz.at 'nonce-1fca954ba3ae42988e32702b216ac182'; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.arz.at; img-src 'self' data: android-webview-video-poster: csi.gstatic.com maps.gstatic.com *.googleapis.com *.arz.at www.volksbank.at; font-src 'self' fonts.gstatic.com fonts.googleapis.com data: *.arz.at; connect-src 'self' blob: *.ahoyrtc.com wss://*.ahoyrtc.com gateway.webid-solutions.de webid-gateway.de *.arz.at; media-src 'self' *.ahoyrtc.com www.volksbank.at; object-src 'self'; child-src 'self'; frame-src 'self' gap: https://sign.prime-sign.com; frame-ancestors 'none'; form-action 'self' https://angebot.derfairecredit.at https://shop.ergo-versicherung.at; block-all-mixed-content; reflected-xss block; manifest-src 'self'; referrer origin; report-uri https://banking.sparda.at:443/banking/rest/cspreport?m=44&u=; upgrade-insecure-requests
Content-Type
text/xml;charset=UTF-8
Keep-Alive
timeout=15, max=97
Expires
Thu, 01 Jan 1970 00:00:00 GMT, -1
icomoon.woff
banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/fonts/icomoon.woff?ujzntn
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.229 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-229.arz.at
Software
nginx /
Resource Hash
36ecb23ebeb99fa2b779c181618a4372ec7878b52a01418b8cafc4036fe16b93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Referer
https://banking.sparda.at/banking/resource/085d4eb899b52ffebb4ce6ee5ce4d64e4cb1ab5c/m101/m044/f2/css/main.css
Origin
https://banking.sparda.at
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
Date
Wed, 23 Feb 2022 09:21:03 GMT
Server
nginx
X-Frame-Options
DENY
Connection
Keep-Alive
Content-Language
en-US
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=2419200,must-revalidate
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Content-Type
text/plain
Keep-Alive
timeout=15, max=96
Expires
Wed, 23 Mar 2022 09:21:03 GMT
ppms.js
analytics.arz.at/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.arz.at/ppms.js
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.241 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-241.arz.at
Software
Apache /
Resource Hash
30a36b85d2f698e46249c684712f34ecb6ef7459eea6a8e1b340e464270cb0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 09:19:50 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 15:01:11 GMT
Server
Apache
etag
W/"5fae9fb7-1153f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=15, max=99
expires
Fri, 25 Mar 2022 09:19:50 GMT
ppms.php
analytics.arz.at/ 		43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.arz.at/ppms.php?action_name=Loginseite&idsite=a51981e5-0a46-4284-837b-acfdb1c505bf&rec=1&r=871402&h=9&m=21&s=4&url=https%3A%2F%2Fbanking.sparda.at%2Fbanking%2Flogin.xhtml&uid=b858cb282617fb0956d960215c8e84d1ccf909c6&_id=9fac7f3e86f8cc01&_idts=1645608064&_idvc=1&_idn=0&_viewts=1645608064&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&_cvar=%7B%221%22%3A%5B%22Anwendung%22%2C%22Web%20Banking%22%5D%7D&gt_ms=170&pv_id=mZpXhJ
Requested by
Host: banking.sparda.at
URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.241 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-241.arz.at
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 09:19:50 GMT
content-encoding
none
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=15, max=98
content-length
43
content-type
image/gif
ppms.php
analytics.arz.at/ 		43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.arz.at/ppms.php?action_name=Loginseite&idsite=a51981e5-0a46-4284-837b-acfdb1c505bf&rec=1&r=052276&h=9&m=21&s=4&url=https%3A%2F%2Fbanking.sparda.at%2Fbanking%2Flogin.xhtml&uid=b858cb282617fb0956d960215c8e84d1ccf909c6&_id=9fac7f3e86f8cc01&_idts=1645608064&_idvc=1&_idn=0&_viewts=1645608064&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&_cvar=%7B%221%22%3A%5B%22Anwendung%22%2C%22Web%20Banking%22%5D%7D&gt_ms=170&pv_id=4fgX8h
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.110.183.241 Vienna, Austria, ASN24656 (ARZ, AT),
Reverse DNS
arz-193-110-183-241.arz.at
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://banking.sparda.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 23 Feb 2022 09:19:51 GMT
content-encoding
none
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=15, max=97
content-length
43
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| $ function| jQuery object| TraceKit object| myfaces object| jsf string| _PFX_UTIL string| _PFX_CORE string| _PFX_XHR string| _PFX_I18N function| _MF_CLS function| _MF_SINGLTN function| _MF_OBJECT object| ErrorHandling object| ErrorHandlingJSF object| OmniFaces function| ClientStorage object| ClientStatus number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize undefined| rng_state object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time number| t object| ua undefined| z function| rng_get_byte function| rng_get_bytes function| SecureRandom function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt object| UXTracker object| UnbluService object| colors function| rgbToHex function| EBPMap function| MirroredMap object| registeredJsfAjaxCallbacks function| doOnlyOnce function| callWhenReady object| SelectboxPlugin object| ComboSelectboxComponent object| InputTextComponent object| InputTextareaComponent object| InputEncryptComponent object| InputSecretComponent object| SubmitLoginForm object| currentOverlay function| showOverlay function| resetOverlays number| scrollbarWidth object| overlayUtils boolean| historyChangeInternal undefined| historyCurrentPage undefined| historyCurrentPageLabel object| Navigation object| NavigationBadges object| Download object| Timeout object| FileUpload object| ImageOptimizer object| OrderDragNDrop object| AccessibilityComponent object| AccountBalanceComponent object| CategoryStatusComponent object| InputDateComponent object| DoubleClickPrevention object| InputPhoneComponent object| InputSliderComponent object| InputSearchComponent object| InputSearchGlobal object| AutoFocus object| InputSwitch object| KalenderComponent function| initTextareas object| DataTableComponent object| Auftragserfassung object| auftragserfassungSmart object| HighchartsComponent object| Bargeldschluessel object| TextManagement object| MobileBankingExtensions object| imgPreview object| VersionInfoComponent object| StandardFlyoutComponent object| StandardFlyoutStateHandling object| redirector object| ScrollableTabComponent object| htmlPrint object| horizontalScrollSlider object| SparzieleZeitleiste object| SparzieleTransfer object| VerfuegerSpecificImage object| KategorieRegeln object| KategorieAnalysis object| GlobaleSuche object| FremdkontenLoader object| FaqSuche object| SVGIcon object| Startseite object| StartseiteQL function| VanillaQR object| Produktrechner object| Serviceauftraege object| ValueWithLabel object| VerticalTextOverflow object| MobileBiometrics object| ShortpinLogin function| showLoadingScreenAndRedirect function| showLoadingScreen function| Detector function| murmurhash3_32_gc object| Flicker object| ClipboardComponent object| PortfolioPosition object| PortfolioTableChart object| PrimeSign object| SmartLoginChallenge object| ActionTimeout object| GeraetebindungDevice function| Geraetebindung object| Totp object| MobileDevice object| ZweiFaChallenge object| SmartLoginApp object| BrowserFingerprint object| SmartLoginBrowser object| MultilineEllipser function| _typeof object| Fido2 object| InstantPaymentPolling object| _paq object| PiwikAnalytics function| initPace object| unblu string| x-unblu-tmp-window-name function| Sifter object| MicroPlugin function| Selectize function| zxcvbn object| Highcharts function| _ object| Backbone object| rangy object| etch function| Cropper function| default function| UAParser function| ClientJS function| jsSHA object| base64js object| base64url object| webauthn object| Pace object| dataLayer object| ppms function| submitValidate function| submitOTP function| noOTPData function| initError function| kooplogin boolean| x-unblu-tmp-dom-ready object| paceOptions string| SYNC_EVENT string| ONCE_PER_PAGE_VIEW_ACTION string| ONCE_PER_SESSION_ACTION string| VARIABLE_NAME string| COOKIE_PREFIX string| GLOBAL_CONFIG_NAME function| ppmsWebStorage object| sevenTag object| Piwik object| AnalyticsTracker function| piwik_log boolean| x-unblu-tmp-window-alive

12 Cookies

Domain/Path Name / Value
banking.sparda.at/banking Name: PREF
Value: m%3D44%3Af%3D02%3Al%3Dde%3As%3DSTANDARD%3Av%3D0
banking.sparda.at/banking Name: FLAG
Value: b56a4712-2a7d-4d49-8fa8-e06a2de14999
banking.sparda.at/banking Name: SIC
Value: XWFHUKFW9k8OUa-Nw3RsgV7
banking.sparda.at/banking Name: oam.Flash.RENDERMAP.TOKEN
Value: yaqysdlts
banking.sparda.at/ Name: ROUTEID
Value: .10
banking.sparda.at/ Name: JSESSIONID
Value: 0000XWFHUKFW9k8OUa-Nw3RsgV7:81d6a3e2
banking.sparda.at/ Name: stg_traffic_source_priority
Value: 1
banking.sparda.at/ Name: stg_externalReferrer
Value:
banking.sparda.at/ Name: _pk_id.a51981e5-0a46-4284-837b-acfdb1c505bf.b627
Value: 9fac7f3e86f8cc01.1645608064.1.1645608064.1645608064.
banking.sparda.at/ Name: _pk_ses.a51981e5-0a46-4284-837b-acfdb1c505bf.b627
Value: *
banking.sparda.at/ Name: stg_last_interaction
Value: Wed%2C%2023%20Feb%202022%2009:21:04%20GMT
banking.sparda.at/ Name: stg_returning_visitor
Value: Wed%2C%2023%20Feb%202022%2009:21:04%20GMT

7 Console Messages

Source Level URL
Text
security error URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Message:
Unrecognized Content-Security-Policy directive 'reflected-xss'.
security error URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Message:
Unrecognized Content-Security-Policy directive 'referrer'.
security error URL: https://banking.sparda.at/banking/javax.faces.resource/eNqVWN9z2zYM_osS3Ha9PfQtTdq1d-ma1entbm8QBUm0KVLhDzvO7Y8fKMuORNJO-yIB4EdYBD-AoNe4RSesHPx7oSRpv_LGYkuw0K7X7r91jkQfHMyVBLd-CmT3cHhdBXndS30Jcs0Qb4LoroagRfcmnI1GKam92UraleCu0hAfJftgdfuuNMD2otlhNJteywYFufcnKUE7EsFKv5faDSS8NBpyUzIn6EoFGJ_JSI9SQ3xcDIVASz5BVMZ45y0OcJLeRlw5UvyF2ZKiUb4QnKSUE6avzGocrMwzLNUEK_UQ_CM9ezhJ5xC8LISFVkKSFnY_TO4-HpQSbkWCwwQzOUEp00r9ydgeXKh66e-P-gVvL89imzHMbMkq3MP0TkY1bmWLIzOm_euk41S7gHsVE0xtdloZrOEoJONe9mSCh-md8m4Y5zZS0Y-hMHsalz1XgW8D--Cdt-labU32juvEX3fWDLBUEywKzhcnK6k4G2ChfSY1ZL4ZYYL2H1ChFgRLNaUgemo5iMfCtFBLG3jHCDhJJcRn1DUXmJaDGypFt0qKzYOlLVe8fCfGGQ-d0ZPTUSwSR0kOEczkMr3Qig5m8nnUn8pUqCCznE08DN40RpTjstpJf_rlUU5QG1Sk4xKOQspb42UjxUhXdzMimMEFY8pl9PiIHGg4SSkfQsNVqnVkG3Qu8M5kll-fserRpokhOrZBJ9tulFxxmKrhtjRaoW1J1U50KjDBSUFmSbOUN2XHnuL3hRgaJ4ylC6AKxabK-TWHWNTt_uoNP5Tv7nw4yl9Rc_b3zPn0aDKcuVSh3nCKMJC0i3sLZ-wp1WJN-TGrL6FUgLh-xslSNwYm-QvL6fnkOVHR1p_UPta6pfor2Fgs6Jj1yURLtbR8oBkLr2LqfGxJInGZvbDQEuRguXGBzvfqIUrJaGesfDHao1qNPqaSUTan3zCgfZF89sJJ-pekV8RnDL2NfWTeuCbzyr83cH2G6Z1vUxOoJbvi_iam-Ze4o1A2Z9VkLNSSvjNSaUj0c-gbjWrvpIPMksxox1JIK24sCeZKgmss9fWGo0saZvI9kzJbb4NPB39HIY3rtpUiNn6Hd05BLhq8JwSv4s9gngIfQEzNjTuPPjbHHQ7kOtn4QmP8ZIWpeXtQS-bn398zbpo6bDwHFrkjgkllwnc6ZxvZrRR0KKq8YZAaUqYgV8B_pO_useLCuFRzVnk-MVQ8sr5FLimzg5Ix3Z1Yd-whw2Zy-uWcTX6Qemzy4KiNLWCpLYTSyOH2sz5egwqhbmLPwHkzvfP5Q2W4_MBJKvgY-NMao6R5ME4WOo_T-HhkjkdSXm16crKN155JSqMRD8HDQkdxjAq7UnzCZ5s4A-N4nXksdpcceCRPldR1PEyW6gdrdi4LyMUpK14Z1ZdneOOH4jlVU6QlzJXLnjiDfksQLzviKx_E1yfccPm_7UhsSsG5TyJ5M2SXr8P651zNTT_juhzIgvuAV1zkIzSnWDHV-qA89-aaPvI1e8h_o5G1-Z1bEUd_vFu7C4PBquLojruE4DtdHByfWX8az2v_gPvYj8BSfRj_DcgawHgq8NocnKQ0OfgSD_ExxeV_Bufc6Q.js.xhtml?ln=omnifaces.combined&v=9eaa7066975433ee72a31c885fb1c62da748b6af(Line 19069)
Message:
Unrecognized Content-Security-Policy directive 'reflected-xss'.
security error URL: https://banking.sparda.at/banking/javax.faces.resource/eNqVWN9z2zYM_osS3Ha9PfQtTdq1d-ma1entbm8QBUm0KVLhDzvO7Y8fKMuORNJO-yIB4EdYBD-AoNe4RSesHPx7oSRpv_LGYkuw0K7X7r91jkQfHMyVBLd-CmT3cHhdBXndS30Jcs0Qb4LoroagRfcmnI1GKam92UraleCu0hAfJftgdfuuNMD2otlhNJteywYFufcnKUE7EsFKv5faDSS8NBpyUzIn6EoFGJ_JSI9SQ3xcDIVASz5BVMZ45y0OcJLeRlw5UvyF2ZKiUb4QnKSUE6avzGocrMwzLNUEK_UQ_CM9ezhJ5xC8LISFVkKSFnY_TO4-HpQSbkWCwwQzOUEp00r9ydgeXKh66e-P-gVvL89imzHMbMkq3MP0TkY1bmWLIzOm_euk41S7gHsVE0xtdloZrOEoJONe9mSCh-md8m4Y5zZS0Y-hMHsalz1XgW8D--Cdt-labU32juvEX3fWDLBUEywKzhcnK6k4G2ChfSY1ZL4ZYYL2H1ChFgRLNaUgemo5iMfCtFBLG3jHCDhJJcRn1DUXmJaDGypFt0qKzYOlLVe8fCfGGQ-d0ZPTUSwSR0kOEczkMr3Qig5m8nnUn8pUqCCznE08DN40RpTjstpJf_rlUU5QG1Sk4xKOQspb42UjxUhXdzMimMEFY8pl9PiIHGg4SSkfQsNVqnVkG3Qu8M5kll-fserRpokhOrZBJ9tulFxxmKrhtjRaoW1J1U50KjDBSUFmSbOUN2XHnuL3hRgaJ4ylC6AKxabK-TWHWNTt_uoNP5Tv7nw4yl9Rc_b3zPn0aDKcuVSh3nCKMJC0i3sLZ-wp1WJN-TGrL6FUgLh-xslSNwYm-QvL6fnkOVHR1p_UPta6pfor2Fgs6Jj1yURLtbR8oBkLr2LqfGxJInGZvbDQEuRguXGBzvfqIUrJaGesfDHao1qNPqaSUTan3zCgfZF89sJJ-pekV8RnDL2NfWTeuCbzyr83cH2G6Z1vUxOoJbvi_iam-Ze4o1A2Z9VkLNSSvjNSaUj0c-gbjWrvpIPMksxox1JIK24sCeZKgmss9fWGo0saZvI9kzJbb4NPB39HIY3rtpUiNn6Hd05BLhq8JwSv4s9gngIfQEzNjTuPPjbHHQ7kOtn4QmP8ZIWpeXtQS-bn398zbpo6bDwHFrkjgkllwnc6ZxvZrRR0KKq8YZAaUqYgV8B_pO_useLCuFRzVnk-MVQ8sr5FLimzg5Ix3Z1Yd-whw2Zy-uWcTX6Qemzy4KiNLWCpLYTSyOH2sz5egwqhbmLPwHkzvfP5Q2W4_MBJKvgY-NMao6R5ME4WOo_T-HhkjkdSXm16crKN155JSqMRD8HDQkdxjAq7UnzCZ5s4A-N4nXksdpcceCRPldR1PEyW6gdrdi4LyMUpK14Z1ZdneOOH4jlVU6QlzJXLnjiDfksQLzviKx_E1yfccPm_7UhsSsG5TyJ5M2SXr8P651zNTT_juhzIgvuAV1zkIzSnWDHV-qA89-aaPvI1e8h_o5G1-Z1bEUd_vFu7C4PBquLojruE4DtdHByfWX8az2v_gPvYj8BSfRj_DcgawHgq8NocnKQ0OfgSD_ExxeV_Bufc6Q.js.xhtml?ln=omnifaces.combined&v=9eaa7066975433ee72a31c885fb1c62da748b6af(Line 19069)
Message:
Unrecognized Content-Security-Policy directive 'referrer'.
security error URL: https://banking.sparda.at/banking/javax.faces.resource/eNqVWN9z2zYM_osS3Ha9PfQtTdq1d-ma1entbm8QBUm0KVLhDzvO7Y8fKMuORNJO-yIB4EdYBD-AoNe4RSesHPx7oSRpv_LGYkuw0K7X7r91jkQfHMyVBLd-CmT3cHhdBXndS30Jcs0Qb4LoroagRfcmnI1GKam92UraleCu0hAfJftgdfuuNMD2otlhNJteywYFufcnKUE7EsFKv5faDSS8NBpyUzIn6EoFGJ_JSI9SQ3xcDIVASz5BVMZ45y0OcJLeRlw5UvyF2ZKiUb4QnKSUE6avzGocrMwzLNUEK_UQ_CM9ezhJ5xC8LISFVkKSFnY_TO4-HpQSbkWCwwQzOUEp00r9ydgeXKh66e-P-gVvL89imzHMbMkq3MP0TkY1bmWLIzOm_euk41S7gHsVE0xtdloZrOEoJONe9mSCh-md8m4Y5zZS0Y-hMHsalz1XgW8D--Cdt-labU32juvEX3fWDLBUEywKzhcnK6k4G2ChfSY1ZL4ZYYL2H1ChFgRLNaUgemo5iMfCtFBLG3jHCDhJJcRn1DUXmJaDGypFt0qKzYOlLVe8fCfGGQ-d0ZPTUSwSR0kOEczkMr3Qig5m8nnUn8pUqCCznE08DN40RpTjstpJf_rlUU5QG1Sk4xKOQspb42UjxUhXdzMimMEFY8pl9PiIHGg4SSkfQsNVqnVkG3Qu8M5kll-fserRpokhOrZBJ9tulFxxmKrhtjRaoW1J1U50KjDBSUFmSbOUN2XHnuL3hRgaJ4ylC6AKxabK-TWHWNTt_uoNP5Tv7nw4yl9Rc_b3zPn0aDKcuVSh3nCKMJC0i3sLZ-wp1WJN-TGrL6FUgLh-xslSNwYm-QvL6fnkOVHR1p_UPta6pfor2Fgs6Jj1yURLtbR8oBkLr2LqfGxJInGZvbDQEuRguXGBzvfqIUrJaGesfDHao1qNPqaSUTan3zCgfZF89sJJ-pekV8RnDL2NfWTeuCbzyr83cH2G6Z1vUxOoJbvi_iam-Ze4o1A2Z9VkLNSSvjNSaUj0c-gbjWrvpIPMksxox1JIK24sCeZKgmss9fWGo0saZvI9kzJbb4NPB39HIY3rtpUiNn6Hd05BLhq8JwSv4s9gngIfQEzNjTuPPjbHHQ7kOtn4QmP8ZIWpeXtQS-bn398zbpo6bDwHFrkjgkllwnc6ZxvZrRR0KKq8YZAaUqYgV8B_pO_useLCuFRzVnk-MVQ8sr5FLimzg5Ix3Z1Yd-whw2Zy-uWcTX6Qemzy4KiNLWCpLYTSyOH2sz5egwqhbmLPwHkzvfP5Q2W4_MBJKvgY-NMao6R5ME4WOo_T-HhkjkdSXm16crKN155JSqMRD8HDQkdxjAq7UnzCZ5s4A-N4nXksdpcceCRPldR1PEyW6gdrdi4LyMUpK14Z1ZdneOOH4jlVU6QlzJXLnjiDfksQLzviKx_E1yfccPm_7UhsSsG5TyJ5M2SXr8P651zNTT_juhzIgvuAV1zkIzSnWDHV-qA89-aaPvI1e8h_o5G1-Z1bEUd_vFu7C4PBquLojruE4DtdHByfWX8az2v_gPvYj8BSfRj_DcgawHgq8NocnKQ0OfgSD_ExxeV_Bufc6Q.js.xhtml?ln=omnifaces.combined&v=9eaa7066975433ee72a31c885fb1c62da748b6af(Line 19069)
Message:
Unrecognized Content-Security-Policy directive 'reflected-xss'.
security error URL: https://banking.sparda.at/banking/javax.faces.resource/eNqVWN9z2zYM_osS3Ha9PfQtTdq1d-ma1entbm8QBUm0KVLhDzvO7Y8fKMuORNJO-yIB4EdYBD-AoNe4RSesHPx7oSRpv_LGYkuw0K7X7r91jkQfHMyVBLd-CmT3cHhdBXndS30Jcs0Qb4LoroagRfcmnI1GKam92UraleCu0hAfJftgdfuuNMD2otlhNJteywYFufcnKUE7EsFKv5faDSS8NBpyUzIn6EoFGJ_JSI9SQ3xcDIVASz5BVMZ45y0OcJLeRlw5UvyF2ZKiUb4QnKSUE6avzGocrMwzLNUEK_UQ_CM9ezhJ5xC8LISFVkKSFnY_TO4-HpQSbkWCwwQzOUEp00r9ydgeXKh66e-P-gVvL89imzHMbMkq3MP0TkY1bmWLIzOm_euk41S7gHsVE0xtdloZrOEoJONe9mSCh-md8m4Y5zZS0Y-hMHsalz1XgW8D--Cdt-labU32juvEX3fWDLBUEywKzhcnK6k4G2ChfSY1ZL4ZYYL2H1ChFgRLNaUgemo5iMfCtFBLG3jHCDhJJcRn1DUXmJaDGypFt0qKzYOlLVe8fCfGGQ-d0ZPTUSwSR0kOEczkMr3Qig5m8nnUn8pUqCCznE08DN40RpTjstpJf_rlUU5QG1Sk4xKOQspb42UjxUhXdzMimMEFY8pl9PiIHGg4SSkfQsNVqnVkG3Qu8M5kll-fserRpokhOrZBJ9tulFxxmKrhtjRaoW1J1U50KjDBSUFmSbOUN2XHnuL3hRgaJ4ylC6AKxabK-TWHWNTt_uoNP5Tv7nw4yl9Rc_b3zPn0aDKcuVSh3nCKMJC0i3sLZ-wp1WJN-TGrL6FUgLh-xslSNwYm-QvL6fnkOVHR1p_UPta6pfor2Fgs6Jj1yURLtbR8oBkLr2LqfGxJInGZvbDQEuRguXGBzvfqIUrJaGesfDHao1qNPqaSUTan3zCgfZF89sJJ-pekV8RnDL2NfWTeuCbzyr83cH2G6Z1vUxOoJbvi_iam-Ze4o1A2Z9VkLNSSvjNSaUj0c-gbjWrvpIPMksxox1JIK24sCeZKgmss9fWGo0saZvI9kzJbb4NPB39HIY3rtpUiNn6Hd05BLhq8JwSv4s9gngIfQEzNjTuPPjbHHQ7kOtn4QmP8ZIWpeXtQS-bn398zbpo6bDwHFrkjgkllwnc6ZxvZrRR0KKq8YZAaUqYgV8B_pO_useLCuFRzVnk-MVQ8sr5FLimzg5Ix3Z1Yd-whw2Zy-uWcTX6Qemzy4KiNLWCpLYTSyOH2sz5egwqhbmLPwHkzvfP5Q2W4_MBJKvgY-NMao6R5ME4WOo_T-HhkjkdSXm16crKN155JSqMRD8HDQkdxjAq7UnzCZ5s4A-N4nXksdpcceCRPldR1PEyW6gdrdi4LyMUpK14Z1ZdneOOH4jlVU6QlzJXLnjiDfksQLzviKx_E1yfccPm_7UhsSsG5TyJ5M2SXr8P651zNTT_juhzIgvuAV1zkIzSnWDHV-qA89-aaPvI1e8h_o5G1-Z1bEUd_vFu7C4PBquLojruE4DtdHByfWX8az2v_gPvYj8BSfRj_DcgawHgq8NocnKQ0OfgSD_ExxeV_Bufc6Q.js.xhtml?ln=omnifaces.combined&v=9eaa7066975433ee72a31c885fb1c62da748b6af(Line 19069)
Message:
Unrecognized Content-Security-Policy directive 'referrer'.
rendering info URL: https://banking.sparda.at/banking/login.xhtml?m=44&f=2
Message:
Autofocus processing was blocked because a document already has a focused element.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' gap: about:; script-src 'self' gap: cordova: fonts.googleapis.com google.com maps.gstatic.com maps.googleapis.com gateway.webid-solutions.de webid-gateway.de *.ahoyrtc.com 'unsafe-eval' *.arz.at 'nonce-5f272a21b2214d32b380b7b7a309810e'; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.arz.at; img-src 'self' data: android-webview-video-poster: csi.gstatic.com maps.gstatic.com *.googleapis.com *.arz.at www.volksbank.at; font-src 'self' fonts.gstatic.com fonts.googleapis.com data: *.arz.at; connect-src 'self' blob: *.ahoyrtc.com wss://*.ahoyrtc.com gateway.webid-solutions.de webid-gateway.de *.arz.at; media-src 'self' *.ahoyrtc.com www.volksbank.at; object-src 'self'; child-src 'self'; frame-src 'self' gap: https://sign.prime-sign.com; frame-ancestors 'none'; form-action 'self' https://angebot.derfairecredit.at https://shop.ergo-versicherung.at; block-all-mixed-content; reflected-xss block; manifest-src 'self'; referrer origin; report-uri https://banking.sparda.at:443/banking/rest/cspreport?m=44&u=; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block