areapersonale.carta.tfbank.it Open in urlscan Pro
13.69.68.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://areapersonale.carta.tfbank.it/login
Submission: On November 29 via manual (November 29th 2024, 8:59:22 am UTC) from IT — Scanned from IT

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 28 HTTP transactions. The main IP is 13.69.68.16, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is areapersonale.carta.tfbank.it.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on November 10th 2024. Valid for: 6 months.

This is the only time areapersonale.carta.tfbank.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	13.69.68.16 13.69.68.16	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	20.50.88.233 20.50.88.233	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.195.94.202 185.195.94.202	42649 (bbn Baffi...) (bbn Baffin Bay Networks AB)
2	172.66.0.125 172.66.0.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	5

16 13.69.68.16 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

areapersonale.carta.tfbank.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 20.50.88.233 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.195.94.202 (Sweden)

ASN42649 (bbn Baffin Bay Networks AB, SE)
PTR: vbdc-n.baffinbaynetworks.com

prodcustomerdataapi.tfbank.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.66.0.125 (United States)

ASN13335 (CLOUDFLARENET, US)

content01.tfbank.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	tfbank.it areapersonale.carta.tfbank.it	3 MB
8	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 801	1 KB
3	tfbank.se prodcustomerdataapi.tfbank.se content01.tfbank.se	5 KB
0	googletagmanager.com Failed www.googletagmanager.com Failed
28	4

	Domain	Requested by
16	areapersonale.carta.tfbank.it	areapersonale.carta.tfbank.it
8	dc.services.visualstudio.com	areapersonale.carta.tfbank.it
2	content01.tfbank.se	areapersonale.carta.tfbank.it
1	prodcustomerdataapi.tfbank.se	areapersonale.carta.tfbank.it
0	www.googletagmanager.com Failed	areapersonale.carta.tfbank.it
28	5

This site contains no links.

Subject Issuer	Validity	Valid
areapersonale.carta.tfbank.it GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-11-10` - `2025-05-10`	6 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04	`2024-11-23` - `2025-05-22`	6 months	crt.sh
*.tfbank.se GlobalSign RSA OV SSL CA 2018	`2024-04-15` - `2025-05-17`	a year	crt.sh
content01.tfbank.se WE1	`2024-10-28` - `2025-01-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://areapersonale.carta.tfbank.it/login
Frame ID: B74206674F8A62ACD0ECA2C449AD97DA
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Pages | TF Bank

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

28
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

3309 kB
Transfer

5594 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login Show response
areapersonale.carta.tfbank.it/ 584 B
2 KB 1085ms
85ms Document
text/html 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2150b39aa2ee3b2c291ca229b4d0723b41c4f96788ebc30b5343de9c82c48ba4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 468
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Type: text/html
Date: Fri, 29 Nov 2024 08:59:04 GMT
ETag: "0d143ce5f2bdb1:0"
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Permissions-Policy: camera=(self)
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK main.0fdedd25.js Show response
areapersonale.carta.tfbank.it/static/js/ 1 MB
444 KB 87ms
87ms Script
application/x-javascript 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/js/main.0fdedd25.js

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

94916fe75b2e3b83619d8ac422bc9ffd20bcef03ad6aac567aa74ca0e7765b28

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/login

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Date: Fri, 29 Nov 2024 08:59:04 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK main.0748c953.css
areapersonale.carta.tfbank.it/static/css/ 149 KB
37 KB 697ms
88ms Stylesheet
text/css 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/css/main.0748c953.css

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

26be3b391b6f42037fa6e2b048098ac5f5737a1794efaaf1402bf952bc821873

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/login

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 36341
Date: Fri, 29 Nov 2024 08:59:05 GMT
Content-Type: text/css
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H/1.1 200
OK 362.1a9ca926.chunk.css
areapersonale.carta.tfbank.it/static/css/ 45 KB
35 KB 166ms
161ms Stylesheet
text/css 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/css/362.1a9ca926.chunk.css

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/main.0fdedd25.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

69fd0c4299da4d71a3aa7eec3fa938f6767fffe57ac7b81cc3247dbbcbe9c639

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/login

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 34445
Date: Fri, 29 Nov 2024 08:59:05 GMT
Content-Type: text/css
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK 362.7a9f64f0.chunk.js Show response
areapersonale.carta.tfbank.it/static/js/ 2 MB
726 KB 162ms
157ms Script
application/x-javascript 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/main.0fdedd25.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

38c131181464f30cd7ec79a3912b5af8909064ed94669b8145336c0e8a446c40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/login

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Date: Fri, 29 Nov 2024 08:59:05 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK 741.ef092e19.chunk.css
areapersonale.carta.tfbank.it/static/css/ 124 KB
43 KB 532ms
142ms Stylesheet
text/css 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/css/741.ef092e19.chunk.css

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/main.0fdedd25.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6f845f00a54dac7ef5a98fb9e6dd98072493338fe8fe60bc7666e1d288b57298

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/login

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 43461
Date: Fri, 29 Nov 2024 08:59:06 GMT
Content-Type: text/css
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK 741.5030ec24.chunk.js Show response
areapersonale.carta.tfbank.it/static/js/ 350 KB
124 KB 534ms
143ms Script
application/x-javascript 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/js/741.5030ec24.chunk.js

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/main.0fdedd25.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

351ad8494c46efc186bb11d00cbd8bb613e5b718525925647a6d71b71478cf6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/login

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Date: Fri, 29 Nov 2024 08:59:06 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK translation.json Show response
areapersonale.carta.tfbank.it/locales/it-IT/ 47 KB
16 KB 165ms
164ms Fetch
application/json 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/locales/it-IT/translation.json

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e02e246831487319626393fc8e816b3f4c84aa6f2ee3647646fd3cef8f2f7b4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

request-id: |3d223db13a564a38b1717d1f199288d2.cdb27d009b7248f4
traceparent: 00-3d223db13a564a38b1717d1f199288d2-cdb27d009b7248f4-01
Referer: https://areapersonale.carta.tfbank.it/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "08e3c965f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 15695
Date: Fri, 29 Nov 2024 08:59:07 GMT
Content-Type: application/json
Last-Modified: Thu, 31 Oct 2024 06:39:08 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK translation.json Show response
areapersonale.carta.tfbank.it/locales/it/ 584 B
1 KB 169ms
169ms Fetch
text/html 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/locales/it/translation.json

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2150b39aa2ee3b2c291ca229b4d0723b41c4f96788ebc30b5343de9c82c48ba4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

request-id: |3d223db13a564a38b1717d1f199288d2.a6115b8c012c4534
traceparent: 00-3d223db13a564a38b1717d1f199288d2-a6115b8c012c4534-01
Referer: https://areapersonale.carta.tfbank.it/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 468
Date: Fri, 29 Nov 2024 08:59:07 GMT
Content-Type: text/html
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK meta.json Show response
areapersonale.carta.tfbank.it/ 19 B
1 KB 163ms
163ms Fetch
application/json 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/meta.json

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

701d838178929148f2eb418c3c97c99636c033fc2efa6874d65299f6df4929d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

request-id: |3d223db13a564a38b1717d1f199288d2.1e2895a8779e41c7
traceparent: 00-3d223db13a564a38b1717d1f199288d2-1e2895a8779e41c7-01
Referer: https://areapersonale.carta.tfbank.it/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0e89e985f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 139
Date: Fri, 29 Nov 2024 08:59:07 GMT
Content-Type: application/json
Last-Modified: Thu, 31 Oct 2024 06:39:12 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK favicon.ico
areapersonale.carta.tfbank.it/ 1 KB
2 KB 152ms
152ms Other
image/x-icon 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/login

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag: "0d34df55e2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 1150
Date: Fri, 29 Nov 2024 08:59:07 GMT
Content-Type: image/x-icon
Last-Modified: Thu, 31 Oct 2024 06:34:38 GMT
X-Frame-Options: SAMEORIGIN

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 199 B
303 B 194ms
185ms XHR
application/json 20.50.88.233
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.233 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

dcedc71969d6334e3d6e59c89192507e4c243453fb7f5c1bb26613c16df86a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Fri, 29 Nov 2024 08:59:07 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 769ms
97ms Preflight 20.50.88.233
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.233 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://areapersonale.carta.tfbank.it
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 29 Nov 2024 08:59:07 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H/1.1 204
No Content next Show response
prodcustomerdataapi.tfbank.se/api/customerservice/maintenance/ 0
939 B 2875ms
1399ms XHR
text/plain 185.195.94.202
bbn Baffin Bay Ne...

General

Check archive.org

Show headers Download Go to

Full URL

https://prodcustomerdataapi.tfbank.se/api/customerservice/maintenance/next?market=Italy

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.195.94.202 , Sweden, ASN42649 (bbn Baffin Bay Networks AB, SE),

Reverse DNS

vbdc-n.baffinbaynetworks.com

Software

baffin-bay-inlet / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=14515200

Request headers

Referer
Accept-Language: it-IT
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=14515200
Access-Control-Expose-Headers: x-contenttype
api-supported-versions: 1.0
Connection: keep-alive
Request-Context: appId=cid-v1:90efdaad-7981-4750-b06c-44c489670db0
Access-Control-Allow-Origin: *
Date: Fri, 29 Nov 2024 08:59:10 GMT
X-Powered-By: ASP.NET
Server: baffin-bay-inlet

GET
H/1.1 200
OK favicon.ico
areapersonale.carta.tfbank.it/ 1 KB
0 0ms
0ms Other
image/x-icon 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/

Response headers

Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag: "0d34df55e2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 1150
Date: Fri, 29 Nov 2024 08:59:07 GMT
Content-Type: image/x-icon
Last-Modified: Thu, 31 Oct 2024 06:34:38 GMT
X-Frame-Options: SAMEORIGIN

GET
H2 200 content Show response
content01.tfbank.se/umbraco/delivery/api/v2/ 13 KB
4 KB 121ms
108ms XHR
application/json 172.66.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content01.tfbank.se/umbraco/delivery/api/v2/content
Requested by: Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: be5c81af899fb24dc44caf49b5f8392883281bc2e7cc6dfd6bc784760de0714a

Request headers

Api-Key: VGhDQ33nVOpyIPex+4QnOa7AsSufcGe8t+qF6mb9L7UkUfOzHYCSbAbVfcmAMf0NNkQDAnslzJ5dplRwJeCrYUuxfALWWpmpBAWjddpkiTJblBdzMj3w9rkGwtv1PMBE+B040v2m9sb2rx1Sr4Rd2GSTv1agMfQ2d4Pgr4zFz2bu35+pMlBTZyRaInR2e0Q2hbmNM78ekctoXSr5G2A+esKHqTt8XCam7E+EH4K1mY6uXIbPVjSqwXYSZw6J2GhbB6mG6KHIkU1pyNWw3BABTwOa7XylJ4GkNlEnx3pG2P
Referer
Accept-Language: it-IT
Accept: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
api-supported-versions: 1.0, 2.0
cf-ray: 8ea166623f1cdc8d-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 08:59:08 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: ASP.NET
server: cloudflare

GET
H/1.1 200
OK favicon.ico
areapersonale.carta.tfbank.it/ 1 KB
0 3ms
3ms Other
image/x-icon 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/login

Response headers

Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag: "0d34df55e2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 1150
Date: Fri, 29 Nov 2024 08:59:07 GMT
Content-Type: image/x-icon
Last-Modified: Thu, 31 Oct 2024 06:34:38 GMT
X-Frame-Options: SAMEORIGIN

OPTIONS
H2 204 content
content01.tfbank.se/umbraco/delivery/api/v2/ 0
0 787ms
193ms Preflight 172.66.0.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content01.tfbank.se/umbraco/delivery/api/v2/content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: api-key
Access-Control-Request-Method: GET
Origin: https://areapersonale.carta.tfbank.it
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: api-key
access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ea16660dc38dc8d-FRA
date: Fri, 29 Nov 2024 08:59:08 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H/1.1 200
OK woman_hanging_outside_car_window.9b0506a76f7b5929e85d.webp
areapersonale.carta.tfbank.it/static/media/ 2 MB
2 MB 74ms
71ms Image
image/webp 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://areapersonale.carta.tfbank.it/static/media/woman_hanging_outside_car_window.9b0506a76f7b5929e85d.webp

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/css/741.ef092e19.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a6bcbccd8410b2044e7a005c74c71c09c8ffc2021f516b191c84f2744e6f3cc1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/static/css/741.ef092e19.chunk.css

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 1600548
Date: Fri, 29 Nov 2024 08:59:07 GMT
Content-Type: image/webp
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK logo-white.799bf51a13cdf5ad3702.svg
areapersonale.carta.tfbank.it/static/media/ 3 KB
4 KB 75ms
73ms Image
image/svg+xml 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://areapersonale.carta.tfbank.it/static/media/logo-white.799bf51a13cdf5ad3702.svg

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/css/741.ef092e19.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/static/css/741.ef092e19.chunk.css

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 3048
Date: Fri, 29 Nov 2024 08:59:07 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
X-Frame-Options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ca9e44cda59c6232b2393b76a2e68e36dd7c588e96c4dfefea7363fdd94f322

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Raleway-VariableFont_wght.575ec9e676c7a85494bb.ttf
areapersonale.carta.tfbank.it/static/media/ 302 KB
303 KB 75ms
75ms Font
application/octet-stream 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/media/Raleway-VariableFont_wght.575ec9e676c7a85494bb.ttf

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/css/main.0748c953.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8e7948221210e0bff86b70de2a2e893e24e0d9c5a16a5db0aa47834b88bf1998

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://areapersonale.carta.tfbank.it
Referer: https://areapersonale.carta.tfbank.it/static/css/main.0748c953.css

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 309720
Date: Fri, 29 Nov 2024 08:59:07 GMT
Content-Type: application/octet-stream
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
X-Frame-Options: SAMEORIGIN

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 337ms
103ms Preflight 20.50.88.233
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.233 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://areapersonale.carta.tfbank.it
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 29 Nov 2024 08:59:07 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 337 B
395 B 185ms
179ms XHR
application/json 20.50.88.233
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.233 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

341e7fc9550aa1c279ac9ccc64388e39e3190b0db863c3f8286769bbc0fee028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Fri, 29 Nov 2024 08:59:07 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 130 B
188 B 189ms
187ms XHR
application/json 20.50.88.233
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.233 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b43975255fb1e5c6a2a75c9d590bfc00dd1bbfe312196e9d83735012142ccfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Fri, 29 Nov 2024 08:59:07 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 127ms
100ms Preflight 20.50.88.233
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.233 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://areapersonale.carta.tfbank.it
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 29 Nov 2024 08:59:07 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 130 B
188 B 190ms
185ms XHR
application/json 20.50.88.233
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.233 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b43975255fb1e5c6a2a75c9d590bfc00dd1bbfe312196e9d83735012142ccfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Fri, 29 Nov 2024 08:59:07 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 123ms
101ms Preflight 20.50.88.233
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.233 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://areapersonale.carta.tfbank.it
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 29 Nov 2024 08:59:07 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=&l=PageDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.areapersonale.carta.tfbank.it/	1969-12-31 23:59:59	Name: ARRAffinity Value: abcf20ef617d6c237879e215c90105d8c5fb91ef4ce74676c484c622c655041e
.areapersonale.carta.tfbank.it/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: abcf20ef617d6c237879e215c90105d8c5fb91ef4ce74676c484c622c655041e
areapersonale.carta.tfbank.it/	1970-01-21 10:06:46	Name: ai_user Value: Py0ewP3awL01BmOX1NBZKR\|2024-11-29T08:59:07.387Z
areapersonale.carta.tfbank.it/	1970-01-21 01:21:12	Name: ai_session Value: OPJcpJF/Br+aTCku2TE2iU\|1732870747493\|1732870747493

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

areapersonale.carta.tfbank.it
content01.tfbank.se
dc.services.visualstudio.com
prodcustomerdataapi.tfbank.se
www.googletagmanager.com
www.googletagmanager.com
13.69.68.16
172.66.0.125
185.195.94.202
20.50.88.233
1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24
2150b39aa2ee3b2c291ca229b4d0723b41c4f96788ebc30b5343de9c82c48ba4
26be3b391b6f42037fa6e2b048098ac5f5737a1794efaaf1402bf952bc821873
341e7fc9550aa1c279ac9ccc64388e39e3190b0db863c3f8286769bbc0fee028
351ad8494c46efc186bb11d00cbd8bb613e5b718525925647a6d71b71478cf6c
38c131181464f30cd7ec79a3912b5af8909064ed94669b8145336c0e8a446c40
5ca9e44cda59c6232b2393b76a2e68e36dd7c588e96c4dfefea7363fdd94f322
69fd0c4299da4d71a3aa7eec3fa938f6767fffe57ac7b81cc3247dbbcbe9c639
6f845f00a54dac7ef5a98fb9e6dd98072493338fe8fe60bc7666e1d288b57298
701d838178929148f2eb418c3c97c99636c033fc2efa6874d65299f6df4929d2
8e7948221210e0bff86b70de2a2e893e24e0d9c5a16a5db0aa47834b88bf1998
94916fe75b2e3b83619d8ac422bc9ffd20bcef03ad6aac567aa74ca0e7765b28
a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e
a6bcbccd8410b2044e7a005c74c71c09c8ffc2021f516b191c84f2744e6f3cc1
b43975255fb1e5c6a2a75c9d590bfc00dd1bbfe312196e9d83735012142ccfe5
be5c81af899fb24dc44caf49b5f8392883281bc2e7cc6dfd6bc784760de0714a
dcedc71969d6334e3d6e59c89192507e4c243453fb7f5c1bb26613c16df86a0e
e02e246831487319626393fc8e816b3f4c84aa6f2ee3647646fd3cef8f2f7b4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

areapersonale.carta.tfbank.it Open in urlscan Pro 13.69.68.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

96 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

3309 kBTransfer

5594 kBSize

4 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

areapersonale.carta.tfbank.it Open in urlscan Pro
13.69.68.16 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

3309 kB
Transfer

5594 kB
Size

4
Cookies

28 HTTP transactions
1 data transactions