urlscan.io logo urlscan.io
SecurityTrails logo

v-accounting.bankaustria.at Open in urlscan Pro
217.148.100.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://v-accounting.bankaustria.at/
Effective URL: https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
Submission: On July 25 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 217.148.100.32, located in Italy and belongs to UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT. The main domain is v-accounting.bankaustria.at.
TLS certificate: Issued by Actalis Organization Validated Server... on August 9th 2021. Valid for: a year.
This is the only time v-accounting.bankaustria.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 17 217.148.100.32 16379 (UNICREDIT...)
14 1
Apex Domain
Subdomains		 Transfer
17 bankaustria.at
v-accounting.bankaustria.at
308 KB
14 1
Domain Requested by
17 v-accounting.bankaustria.at 3 redirects v-accounting.bankaustria.at
14 1

This site contains links to these domains. Also see Links.

Domain
www.bankaustria.at
Subject Issuer Validity Valid
v-accounting.bankaustria.at
Actalis Organization Validated Server CA G3		 2021-08-09 -
2022-08-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
Frame ID: 8CAFF1BA2B0FF68B67881159C4C739F4
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IBM Virtual Accounting System for Unicredit

Page URL History Show full URLs

  1. https://v-accounting.bankaustria.at/ HTTP 302
    https://v-accounting.bankaustria.at/VA_Web HTTP 302
    https://v-accounting.bankaustria.at/VA_Web/ HTTP 302
    https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458 Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

306 kB
Transfer

298 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://v-accounting.bankaustria.at/ HTTP 302
    https://v-accounting.bankaustria.at/VA_Web HTTP 302
    https://v-accounting.bankaustria.at/VA_Web/ HTTP 302
    https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.xhtml
v-accounting.bankaustria.at/VA_Web/pages/
Redirect Chain
  • https://v-accounting.bankaustria.at/
  • https://v-accounting.bankaustria.at/VA_Web
  • https://v-accounting.bankaustria.at/VA_Web/
  • https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
221541e20d9a0ad0c96ba8ff3679f936f8956c98cf1d840a8fe391b277495f0b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Length
12035
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Jul 2022 12:30:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=15, max=97
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Length
357
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Jul 2022 12:30:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=15, max=98
Location
https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
DENY SAMEORIGIN
X-XSS-Protection
1; mode=block
theme.css.xhtml
v-accounting.bankaustria.at/VA_Web/javax.faces.resource/ 		24 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v-accounting.bankaustria.at/VA_Web/javax.faces.resource/theme.css.xhtml?ln=primefaces-aristo
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
dd54f19aeec58a092f51ff8b21faa6d12888bb94860e9bf328ade2cc44a5e7c6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Mar 2020 09:52:58 GMT
Date
Mon, 25 Jul 2022 12:30:17 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Keep-Alive
timeout=15, max=96
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Expires
Mon, 01 Aug 2022 12:30:17 GMT
jsf.js.xhtml
v-accounting.bankaustria.at/VA_Web/javax.faces.resource/ 		42 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v-accounting.bankaustria.at/VA_Web/javax.faces.resource/jsf.js.xhtml?ln=javax.faces
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
af558ed2622ba66522eb1ea4c802b5726f5f1fd5cc31a7f02ca5c3791e212a27
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Date
Mon, 25 Jul 2022 12:30:17 GMT
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 29 Mar 2022 23:05:58 GMT
ETag
W/"42724-1648595158000"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Keep-Alive
timeout=15, max=100
Expires
Mon, 01 Aug 2022 12:30:17 GMT
custom.css
v-accounting.bankaustria.at/VA_Web/theme/ 		41 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
d649747629c103b4c2da4963094317de60272918abbee073733ff306a400baae
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 19 Jan 2022 14:57:24 GMT
Date
Mon, 25 Jul 2022 12:30:17 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
42437
X-Content-Type-Options
nosniff
mm.js
v-accounting.bankaustria.at/VA_Web/scripts/common/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v-accounting.bankaustria.at/VA_Web/scripts/common/mm.js
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
8a99bc33e098143f8e26c109b21d6d8c2584c3618b54dc35d326861f60998b22
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 19 Jan 2022 15:02:12 GMT
Date
Mon, 25 Jul 2022 12:30:17 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=UTF-8
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
26877
X-Content-Type-Options
nosniff
Locale2_2_0.js
v-accounting.bankaustria.at/VA_Web/adf/jsLibs/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v-accounting.bankaustria.at/VA_Web/adf/jsLibs/Locale2_2_0.js
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
d6555cb8a9758483b2cedee14e330d785355e6e0fc6ec346bc686095df4b9f12
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 21 Jul 2017 12:40:36 GMT
Date
Mon, 25 Jul 2022 12:30:17 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
X-XSS-Protection
1; mode=block
Cache-Control
Public
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
11979
X-Content-Type-Options
nosniff
Expires
Sun, 23 Jul 2023 12:30:18 GMT
Common2_2_0.js
v-accounting.bankaustria.at/VA_Web/adf/jsLibs/ 		127 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v-accounting.bankaustria.at/VA_Web/adf/jsLibs/Common2_2_0.js
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
171abdda7a076c79b68317346cecb8a4240c2030aba3c1c6a3c854d10a975f58
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/pages/login.xhtml?conversationId=1458
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 21 Jul 2017 12:40:36 GMT
Date
Mon, 25 Jul 2022 12:30:17 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
X-XSS-Protection
1; mode=block
Cache-Control
Public
Transfer-Encoding
chunked
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
X-Content-Type-Options
nosniff
Expires
Sun, 23 Jul 2023 12:30:17 GMT
modalPanelOverlayBg.png
v-accounting.bankaustria.at/VA_Web/images/ 		112 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-accounting.bankaustria.at/VA_Web/images/modalPanelOverlayBg.png
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
5667e063201ebe497382e0f45237116721cb2e82b50f3da9bac10343ace3e3de
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 19 Jan 2022 14:57:24 GMT
Date
Mon, 25 Jul 2022 12:30:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
112
X-Content-Type-Options
nosniff
uni-credit-logo_AT.png
v-accounting.bankaustria.at/VA_Web/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-accounting.bankaustria.at/VA_Web/images/uni-credit-logo_AT.png
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
8b72c3ef234f14f23e5789d08820161cc824450cb4e627c17d296f447a54db2e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 19 Jan 2022 14:57:24 GMT
Date
Mon, 25 Jul 2022 12:30:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
10652
X-Content-Type-Options
nosniff
boxC.png
v-accounting.bankaustria.at/VA_Web/images/box/content/ 		426 B
972 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-accounting.bankaustria.at/VA_Web/images/box/content/boxC.png
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
e5f224aa15f46511885cab12e72080ed3f8335f2e73a9c008934fb2da0fa48e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 19 Jan 2022 14:57:34 GMT
Date
Mon, 25 Jul 2022 12:30:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
426
X-Content-Type-Options
nosniff
T.png
v-accounting.bankaustria.at/VA_Web/images/mcBx/ 		268 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-accounting.bankaustria.at/VA_Web/images/mcBx/T.png
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
9f04a2d931c57d4d6d301698bc15d4afc2da29352c6fbe7fe10fa643192adadc
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 19 Jan 2022 14:57:32 GMT
Date
Mon, 25 Jul 2022 12:30:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
268
X-Content-Type-Options
nosniff
L.png
v-accounting.bankaustria.at/VA_Web/images/mcBx/ 		490 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-accounting.bankaustria.at/VA_Web/images/mcBx/L.png
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
91f9f524041dcc73313bbd01626d34d68609e2bf768b0386e913c94ed28c7b90
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 19 Jan 2022 14:57:32 GMT
Date
Mon, 25 Jul 2022 12:30:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
490
X-Content-Type-Options
nosniff
R.png
v-accounting.bankaustria.at/VA_Web/images/mcBx/ 		511 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-accounting.bankaustria.at/VA_Web/images/mcBx/R.png
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
88f58ca852a1241f4cf64656115c1a1b15724b07f2da34e8c15039abc02c7a71
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 19 Jan 2022 14:57:32 GMT
Date
Mon, 25 Jul 2022 12:30:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Content-Length
511
X-Content-Type-Options
nosniff
B.png
v-accounting.bankaustria.at/VA_Web/images/mcBx/ 		1019 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v-accounting.bankaustria.at/VA_Web/images/mcBx/B.png
Requested by
Host: v-accounting.bankaustria.at
URL: https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.148.100.32 , Italy, ASN16379 (UNICREDIT-AS-MUC-DE UniCredit S.p.A., IT),
Reverse DNS
Software
/
Resource Hash
c18b7fc96b7c7b8de00103b37fbfd32f2cab417eaef5f5d0a024b86605586111
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://v-accounting.bankaustria.at/VA_Web/theme/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 19 Jan 2022 14:57:32 GMT
Date
Mon, 25 Jul 2022 12:30:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
1019
X-Content-Type-Options
nosniff

Verdicts & Comments Add Verdict or Comment

360 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| jsf object| mojarra function| showDropDownMenu function| ajaxRequest function| ajaxOnclick function| ajaxOnchange function| mouseMoved function| getClientMessagesContainer function| getClientMessagesContainerAjax function| addClientMessages function| appendClientMessage function| removePreviousMessage function| cleanupContainer function| synchronizeClientMessages function| orderMessages function| getMsgsCntr function| clickDefaultButtonOnEnter function| setDefaultButton function| getOverlay function| showOverlay function| hideOverlay function| overlayResize function| getElementsByClassName function| applyStyles function| addRowHover function| addSectionGridFirst function| addHover function| setVisible function| show function| hide function| addDiv function| addTr function| addTd function| addBox function| closeCallout function| showCallout function| getCallout function| setCalloutPosition function| getOffset function| createHtml function| updateFields function| toggle function| getClassNameRegex function| getAjaxCallback function| initAjaxCallback function| initModalPanel function| showModalPanel function| hideModalPanel function| MMPageSupport object| PageSupport function| MMSectionSupport object| SectionSupport function| getViewState function| hasViewState function| createViewState undefined| f string| _AdfWindowOpenError function| _createFacesMessage function| _createCustomFacesMessage object| TrFormatUtils undefined| _digits undefined| _decimalSep undefined| _groupingSep function| isDigit function| _getDigits function| parseDigit function| isNotLowerCase function| isLowerCase function| _isLowerCaseStrict function| isUpperCase function| isNotUpperCase function| _isUpperCaseStrict function| isLetter function| getUserLanguage function| getJavaLanguage function| getLocaleSymbols function| _getEras function| _getMonths function| _getShortMonths function| _getWeekdays function| _getShortWeekdays function| _getAmPmStrings function| _getZoneStrings function| _getLocalPatternChars function| _getDecimalSeparator function| _getGroupingSeparator function| _getPatternSeparator function| _getPercent function| _getPercentSuffix function| _getZeroDigit function| _getDigit function| _getMinusSign function| _getExponential function| _getPerMill function| _getInfinity function| _getNaN function| _getCurrencySymbol function| _getCurrencyCode function| _getPositivePrefix function| _getPositiveSuffix function| _getNegativePrefix function| _getNegativeSuffix function| _getLocaleElements function| _getFullTimePatternString function| _getLongTimePatternString function| _getMediumTimePatternString function| _getShortTimePatternString function| _getFullDatePatternString function| _getLongDatePatternString function| _getMediumDatePatternString function| _getShortDatePatternString function| _getDateTimeFormatString function| LocaleSymbols function| TrConverterHint function| TrValidatorHint function| TrConverter function| TrValidator function| TrConverterException function| TrValidatorException function| TrFacesMessage object| TrFastMessageFormatUtils object| TrMessageFactory function| _dfsv function| _getDayLightSavOffset function| _returnCalendarValue function| _returnPopupCalendarValue function| _ldp function| _dfgv function| _getTimePortion function| _getLocaleTimeZoneDifference2 function| _getTimezoneDiff function| _dfGetMidnight function| _dfb function| _dff function| _dfa function| _calsd function| _updateCal function| _doCancel function| _selectDate undefined| _DATE_DIALOG undefined| _savedField1879034 function| _getDateFieldFormat function| _fixDFF function| TrMessageBox boolean| _pprBackRestoreInlineScripts boolean| _pprBlocking boolean| _blockOnEverySubmit boolean| _pprFirstClickPass string| _pprdivElementName undefined| _pprLibStore number| _pprBlockStartTime object| _pprBlockingTimeout object| _pprEventElement boolean| _pprSavedCursorFlag boolean| _pprChoiceChanged object| _agent undefined| _lastDateSubmitted number| _lastDateReset number| _lastDateValidated number| _lastValidationFailure object| _delayedEventParams object| _initialFocusID object| _TrFocusRequestDoc object| _TrFocusRequestID boolean| _TrFocusRequestNext boolean| _TrEventBasedValidation boolean| _blockCheckUnloadFromDialog object| _saveForm object| _saveDoValidate object| _saveParameters boolean| _submitRejected boolean| _inPartialSubmit boolean| _pendingRadioButton object| _IE_MOUSE_CAPTURE_EVENTS object| _GECKO_MOUSE_CAPTURE_EVENTS function| _atLeast function| _atMost function| _supportsDOM function| _agentInit object| _ieFeatures object| _nnFeatures object| _modelessFeatureOverrides object| _modalFeatureOverrides object| _featureDefaults object| _signedFeatures object| _booleanFeatures function| _addEvent function| _removeEvent function| _getBodyWidth function| _getContentWidth function| _getParentWindow function| _getTop function| t function| _getDependents function| _getDependent function| _setDependent function| _getModalDependent function| _isModalDependent function| _unloadADFDialog function| _checkUnload function| _addModalCaptureIE function| _removeModalCaptureIE function| _captureEventIE function| _addModalCaptureGecko function| _removeModalCaptureGecko function| _captureEventGecko function| _isModalAbandoned function| _setModalAbandoned function| _getKeyValueString function| _dumpSuppress function| _dump function| _getJavascriptId function| _getFormName function| _validateForm function| _valField function| _validateAlert function| _validateInline function| _validateInput function| _recordValidation function| _recentValidation function| _commandChoice function| submitForm function| _autoCompleteForm function| _submitOnEnter function| _saveFormForLaterSubmit function| _submitFormCheck function| resetForm function| createNameValueString function| _getValue function| _setSelectIndexById function| _syncChoiceIndex function| _clearPassword function| _setFocus function| _addValidators function| _multiValidate function| _getGlobalErrorString function| _isShowing function| _getID function| _getForm function| _getFormElement function| _getName function| _instanceof function| _getErrorString function| _getValidators function| _formatErrorString function| _chain function| _chainMultiple function| _callChained function| _checkLength function| _getElementById function| _findElementById function| _getQuerySeparator function| _addParameter function| _addFormParameter function| _pprInstallBlockingHandlers function| _pprConsumeClick function| _pprStartBlocking function| _doPprStartBlocking function| _pprStopBlocking function| _pprFocus function| _pprConsumeBlockedEvent function| _pprControlCapture function| _pprChoiceAction function| _pprChoiceChangeEvent function| _supportsPPR function| _firePartialChange function| _submitPartialChange function| _setRequestedFocusNode function| _getRequestedFocusNode function| _getFirstFocusable function| _restoreFocus function| _getAncestorByName function| _isDescendent function| _isFocusable function| _eval function| _getInputField function| _enterField function| _resetOnEscape function| _checkLoadNoPPR function| _checkLoad function| _getActiveElement function| _trTrackActiveElement function| _noReload function| _handleClientEvent function| _getCookie function| _setCookie function| _getTimeZoneID function| _isLTR function| _isSubmittingElement function| _getKC function| _recentSubmit function| _recentReset function| _radioSet_uixspu function| _radioSet_adfspu function| _stepSpinboxValue function| _clearSpinbox function| _spinboxRepeat function| _getEventObj object| TrUIUtils object| ADFDialogReturn function| _launchDialog function| openWindow function| _pollWhenModalDependentCloses function| _onModalFocus function| _clearBodyModalEffects function| _getValidModalDependent function| _sizeWin function| _tableSort function| CollectionComponent function| _TrPollManager function| _TrPollCommand object| _cfBus undefined| _cfTransIconURL undefined| _cfOpaqueIconURL undefined| _cfBgColor function| _cfsw function| _returnColorPickerValue function| _cfbs function| _cfUpdate function| _lcp undefined| _savedColorField1879034 function| _getColorFieldFormat function| _fixCFF string| _shuttle_no_name string| _shuttle_no_form_name_provided string| _shuttle_no_form_available function| TrShuttleProxy function| TrPanelPopup function| TrHoverPopup function| TrClickPopup function| TrPopupDialog function| TrPage function| TrStatusIndicator function| TrRequestQueue function| TrXMLRequest function| TrXMLJsfAjaxRequest function| TrXMLRequestEvent function| TrIFrameXMLRequestEvent function| _logoFormValidator function| checkExpiration function| canSubmit number| pageRenderedTime boolean| pageExpirationHandled number| submitCalls string| _loginForm_Submit function| _loginFormValidator string| _modalPanelsForm_Submit function| _modalPanelsFormValidator boolean| overlayResizeAdded object| ajxCb function| setFocusToModalButton boolean| LoadSuccess

4 Cookies

Domain/Path Name / Value
v-accounting.bankaustria.at/VA_Web Name: javax.faces.ClientToken
Value: HW2x32wbyS3L6vddXd7B2vQtRU0LMFuAF2rubCB6XJAiuxghEx
v-accounting.bankaustria.at/VA_Web Name: TS01c83997
Value: 01ea7e53bf41eccbceabf78ff839a5df87455407d2bf01e212f4a21b2c122b6f5955a35d5bbe0d1d5930f7f262abeaa7f725e75387
v-accounting.bankaustria.at/ Name: TS018e42a3
Value: 01ea7e53bf41eccbceabf78ff839a5df87455407d2bf01e212f4a21b2c122b6f5955a35d5bbe0d1d5930f7f262abeaa7f725e75387
v-accounting.bankaustria.at/ Name: JSESSIONID
Value: L1w1VjIDAW1qG-a7XNhMQhIv1Ul2kPFdWkJw6S0TsHju5JpcoAUB!1846332204

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block