together-login.bunq.com Open in urlscan Pro
3.126.32.114  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response together-login.bunq.com/	3 KB 1 KB	34ms 9ms	Document text/html	3.126.32.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://together-login.bunq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.126.32.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-32-114.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash a6f3df27fcaf8ea832e62d31e09b861160498be10b556d4c48f8fdd8f27c4548 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers :method GET :authority together-login.bunq.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Sun, 24 Oct 2021 00:25:21 GMT content-type text/html content-length 801 server Apache strict-transport-security max-age=31536000 last-modified Thu, 21 Oct 2021 09:51:21 GMT etag "a69-5ced9d63b7840-gzip" accept-ranges bytes vary Accept-Encoding content-encoding gzip x-content-type-options nosniff x-frame-options sameorigin
GET H2	200	css2 fonts.googleapis.com/	31 KB 2 KB	40ms 18ms	Stylesheet text/css	172.217.16.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f10.1e100.net Software ESF / Resource Hash e9c2df2904ee0ac9a0dcc01dbb90666d1c1fd659891fcecba4aa7f64ee0406c1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://together-login.bunq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 24 Oct 2021 00:25:04 GMT server ESF date Sun, 24 Oct 2021 00:25:21 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sun, 24 Oct 2021 00:25:21 GMT
GET H2	200	user_web_authentication.3c560794165857fbbc2c.js Show response together-login.bunq.com/dist/	571 KB 139 KB	23ms 22ms	Script application/javascript	3.126.32.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://together-login.bunq.com/dist/user_web_authentication.3c560794165857fbbc2c.js Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.126.32.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-32-114.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 2ce4c29043d5ca2773c4f0a6500da3ec57dfcc3c2b12dc9bcf774cc07e42a8eb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers :path /dist/user_web_authentication.3c560794165857fbbc2c.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority together-login.bunq.com referer https://together-login.bunq.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://together-login.bunq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 00:25:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 21 Oct 2021 09:51:21 GMT server Apache etag "8eb26-5ced9d63b7840-gzip" x-frame-options sameorigin content-type application/javascript strict-transport-security max-age=31536000 accept-ranges bytes vary Accept-Encoding
GET H2	200	user_web_authentication.6fd5e93a4a0eaa2a925c.css together-login.bunq.com/dist/	26 KB 7 KB	10ms 10ms	Stylesheet text/css	3.126.32.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://together-login.bunq.com/dist/user_web_authentication.6fd5e93a4a0eaa2a925c.css Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.126.32.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-32-114.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 0a443d5c190dbe18992c068e415ceadca0e6217c89dca19a4b210fc13a244113 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers :path /dist/user_web_authentication.6fd5e93a4a0eaa2a925c.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority together-login.bunq.com referer https://together-login.bunq.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://together-login.bunq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 00:25:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 21 Oct 2021 09:51:21 GMT server Apache x-frame-options sameorigin etag "6996-5ced9d63b7840-gzip" vary Accept-Encoding content-type text/css strict-transport-security max-age=31536000 accept-ranges bytes content-length 6548
GET H2	200	f22bbf8f51.js Show response kit.fontawesome.com/	11 KB 4 KB	127ms 82ms	Script text/javascript	104.18.23.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/f22bbf8f51.js Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.23.52 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbad408ce449cf9a61d6a73fb89cbfa32868b8bfbe389a6eb8a3013544228f05 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://together-login.bunq.com/ Origin https://together-login.bunq.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 00:25:22 GMT content-encoding gzip cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, public, must-revalidate strict-transport-security max-age=31536000; preload cf-ray 6a2f11485ef7f9da-PRG access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id FrDPx9xEl6Vv0k2O49tB
OPTIONS H2	204	user-web-authentication api.together-login.bunq.com/v1/	0 0	40ms 10ms	Preflight	3.120.137.191 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.together-login.bunq.com/v1/user-web-authentication Protocol H2 Server 3.120.137.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-137-191.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers x-bunq-client-request-id,x-bunq-client-version,x-bunq-language Origin https://together-login.bunq.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Sun, 24 Oct 2021 00:25:22 GMT server Apache strict-transport-security max-age=31536000 access-control-allow-origin * access-control-allow-methods POST, GET, OPTIONS access-control-allow-headers Content-Type, If-None-Match, X-Bunq-Region, X-Bunq-Language, X-Bunq-Client-Request-Id, X-Bunq-Geolocation, Cache-Control, X-Bunq-Client-Authentication, X-Bunq-Client-Signature, X-Bunq-Client-Version, User-Agent, Authorization
GET H2	200	pro.min.js Show response ka-p.fontawesome.com/releases/v5.15.4/js/	40 KB 14 KB	95ms 94ms	Fetch application/javascript	104.18.23.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/js/pro.min.js?token=f22bbf8f51 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f22bbf8f51.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.23.52 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a Request headers Accept-Language de-DE,de;q=0.9 Referer https://together-login.bunq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 00:25:22 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag "610ae215-37b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 6a2f1148ef25f9da-PRG content-length 14264
POST H2	200	/ Show response sentry.bunq.com/api/42/envelope/	2 B 211 B	38ms 9ms	Fetch application/json	52.29.3.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sentry.bunq.com/api/42/envelope/?sentry_key=3d80018ab90e461d942bb5ce8867e13f&sentry_version=7 Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/dist/user_web_authentication.3c560794165857fbbc2c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.29.3.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-3-83.eu-central-1.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://together-login.bunq.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://together-login.bunq.com date Sun, 24 Oct 2021 00:25:22 GMT server nginx/1.10.3 (Ubuntu) content-type application/json content-length 2 vary Origin access-control-expose-headers retry-after, x-sentry-error, x-sentry-rate-limits
GET H2	200	user_web_authentication.37847e43b8ca5e361fdd.js Show response together-login.bunq.com/dist/	10 KB 3 KB	10ms 9ms	Script application/javascript	3.126.32.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://together-login.bunq.com/dist/user_web_authentication.37847e43b8ca5e361fdd.js Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/dist/user_web_authentication.3c560794165857fbbc2c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.126.32.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-32-114.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 076d3be330795405e0ce72537a177e4e3d3746e2a93ea7924c4a00ef6785a8f1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers :path /dist/user_web_authentication.37847e43b8ca5e361fdd.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority together-login.bunq.com referer https://together-login.bunq.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://together-login.bunq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 00:25:22 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 21 Oct 2021 09:51:21 GMT server Apache x-frame-options sameorigin etag "299b-5ced9d63b7840-gzip" vary Accept-Encoding content-type application/javascript strict-transport-security max-age=31536000 accept-ranges bytes content-length 2810
GET H2	200	b5d318827975b99a0bf0.svg together-login.bunq.com/dist/	2 KB 3 KB	9ms 9ms	Image image/svg+xml	3.126.32.114 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://together-login.bunq.com/dist/b5d318827975b99a0bf0.svg Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.126.32.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-32-114.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 88118ca2604c956a31b1a7919ac0599432e3acbe6c75de7f5528e02418961878 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers :path /dist/b5d318827975b99a0bf0.svg pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority together-login.bunq.com referer https://together-login.bunq.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://together-login.bunq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 00:25:22 GMT x-content-type-options nosniff last-modified Thu, 21 Oct 2021 09:51:21 GMT server Apache etag "98c-5ced9d63b7840" x-frame-options sameorigin content-type image/svg+xml strict-transport-security max-age=31536000 accept-ranges bytes content-length 2444
POST H2	200	user-web-authentication Show response api.together-login.bunq.com/v1/	88 B 592 B	80ms 80ms	Fetch application/json	3.120.137.191 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.together-login.bunq.com/v1/user-web-authentication Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/dist/user_web_authentication.3c560794165857fbbc2c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.137.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-137-191.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 49dc8f045781e8926f71a545145c2fd4633a01f56eed2c7ed8cba3119d128773 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers X-Bunq-Language en_US Referer https://together-login.bunq.com/ X-Bunq-Client-Request-Id e18a0ba6-b938-4419-9993-a3409a41dec9 X-Bunq-Client-Version USER_WEB_AUTHENTICATION:PRODUCTION:202110210946 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 24 Oct 2021 00:25:22 GMT access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff server Apache x-frame-options sameorigin x-bunq-client-response-id 16fc2905-d5e6-4233-8f71-b1fd5fb5393f content-type application/json access-control-allow-origin * x-bunq-client-request-id e18a0ba6-b938-4419-9993-a3409a41dec9 strict-transport-security max-age=31536000 access-control-allow-headers Content-Type, If-None-Match, X-Bunq-Region, X-Bunq-Language, X-Bunq-Client-Request-Id, X-Bunq-Geolocation, Cache-Control, X-Bunq-Client-Authentication, X-Bunq-Client-Signature, X-Bunq-Client-Version, User-Agent, Authorization
GET H2	200	JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	19 KB 20 KB	30ms 8ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://together-login.bunq.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 02:40:52 GMT x-content-type-options nosniff age 251070 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 19868 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:31 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 21 Oct 2022 02:40:52 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v18/	19 KB 20 KB	36ms 13ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://together-login.bunq.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 04:48:55 GMT x-content-type-options nosniff age 243387 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 19844 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:10 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 21 Oct 2022 04:48:55 GMT
GET BLOB	200 OK	e9bde1b0-5b24-48de-b654-89c19abbe256 https://together-login.bunq.com/	7 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://together-login.bunq.com/e9bde1b0-5b24-48de-b654-89c19abbe256 Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 81b04b1a20817239660c462407a84ea2e50ab0163509e48094d7cf898581c165 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Length 7596
GET H2	200	circle-notch.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/	685 B 552 B	77ms 77ms	Fetch image/svg+xml	104.18.23.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/circle-notch.svg?token=f22bbf8f51 Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/dist/user_web_authentication.3c560794165857fbbc2c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.23.52 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b9de66f54952eb9ad24313dca0c2213dd9b7a9e32521f4f94da1c0f0aa08b664 Request headers Accept-Language de-DE,de;q=0.9 Referer https://together-login.bunq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 00:25:22 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:57:06 GMT server cloudflare etag W/"610ae302-2ad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 6a2f11498f68f9da-PRG
OPTIONS H2	204	user-web-authentication api.together-login.bunq.com/v1/	0 0	8ms 8ms	Preflight	3.120.137.191 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.together-login.bunq.com/v1/user-web-authentication?token=65ec9a6f-6c8f-445d-be0c-ffa8c84d9606&count=1 Protocol H2 Server 3.120.137.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-137-191.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-bunq-client-request-id,x-bunq-client-version,x-bunq-language Origin https://together-login.bunq.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Sun, 24 Oct 2021 00:25:22 GMT server Apache strict-transport-security max-age=31536000 access-control-allow-origin * access-control-allow-methods POST, GET, OPTIONS access-control-allow-headers Content-Type, If-None-Match, X-Bunq-Region, X-Bunq-Language, X-Bunq-Client-Request-Id, X-Bunq-Geolocation, Cache-Control, X-Bunq-Client-Authentication, X-Bunq-Client-Signature, X-Bunq-Client-Version, User-Agent, Authorization
GET H2	200	user-web-authentication Show response api.together-login.bunq.com/v1/	9 KB 10 KB	57ms 57ms	Fetch application/json	3.120.137.191 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.together-login.bunq.com/v1/user-web-authentication?token=65ec9a6f-6c8f-445d-be0c-ffa8c84d9606&count=1 Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/dist/user_web_authentication.3c560794165857fbbc2c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.137.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-137-191.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 84163140c94c382a0b6b716ad7a30ae8ede561d880ad5ccf29b7c6cd1fceb027 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers X-Bunq-Language en_US Referer https://together-login.bunq.com/ X-Bunq-Client-Request-Id 63fa921f-daea-4391-a9b1-62dbd18a2ba2 X-Bunq-Client-Version USER_WEB_AUTHENTICATION:PRODUCTION:202110210946 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 00:25:22 GMT x-content-type-options nosniff server Apache x-bunq-client-response-id 87ea280f-000f-4272-bc0f-5baa8b458265 etag 84163140c94c382a0b6b716ad7a30ae8ede561d880ad5ccf29b7c6cd1fceb027 x-frame-options sameorigin access-control-allow-methods POST, GET, OPTIONS content-type application/json access-control-allow-origin * cache-control max-age=31536000 x-bunq-client-request-id 63fa921f-daea-4391-a9b1-62dbd18a2ba2 strict-transport-security max-age=31536000 access-control-allow-headers Content-Type, If-None-Match, X-Bunq-Region, X-Bunq-Language, X-Bunq-Client-Request-Id, X-Bunq-Geolocation, Cache-Control, X-Bunq-Client-Authentication, X-Bunq-Client-Signature, X-Bunq-Client-Version, User-Agent, Authorization
GET H2	200	JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 fonts.gstatic.com/s/montserrat/v18/	20 KB 20 KB	7ms 7ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash ec83f9cccd120b3497a09d26618b516b2bd2c8e0e930919c0eda5516991901f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://together-login.bunq.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 05:36:46 GMT x-content-type-options nosniff age 240516 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 20248 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 21 Oct 2022 05:36:46 GMT
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7f830c1ae2a111fac22bcfee0786f6b9477e1b6324444cfacf174cc5d7af5233 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H3	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	20 KB 20 KB	8ms 7ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://together-login.bunq.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 01:25:05 GMT x-content-type-options nosniff age 342017 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 20040 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:44 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 20 Oct 2022 01:25:05 GMT
GET H2	200	user-web-authentication Show response api.together-login.bunq.com/v1/	9 KB 10 KB	116ms 116ms	Fetch application/json	3.120.137.191 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.together-login.bunq.com/v1/user-web-authentication?token=65ec9a6f-6c8f-445d-be0c-ffa8c84d9606&count=1 Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/dist/user_web_authentication.3c560794165857fbbc2c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.137.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-137-191.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 84163140c94c382a0b6b716ad7a30ae8ede561d880ad5ccf29b7c6cd1fceb027 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers X-Bunq-Language en_US Referer https://together-login.bunq.com/ X-Bunq-Client-Request-Id 0e76cd66-99b7-4a00-b93e-9e34bd051f4f X-Bunq-Client-Version USER_WEB_AUTHENTICATION:PRODUCTION:202110210946 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 00:25:23 GMT x-content-type-options nosniff server Apache x-bunq-client-response-id c5fa92eb-88d0-4bb1-9158-57a523a85321 etag 84163140c94c382a0b6b716ad7a30ae8ede561d880ad5ccf29b7c6cd1fceb027 x-frame-options sameorigin access-control-allow-methods POST, GET, OPTIONS content-type application/json access-control-allow-origin * cache-control max-age=31536000 x-bunq-client-request-id 0e76cd66-99b7-4a00-b93e-9e34bd051f4f strict-transport-security max-age=31536000 access-control-allow-headers Content-Type, If-None-Match, X-Bunq-Region, X-Bunq-Language, X-Bunq-Client-Request-Id, X-Bunq-Geolocation, Cache-Control, X-Bunq-Client-Authentication, X-Bunq-Client-Signature, X-Bunq-Client-Version, User-Agent, Authorization
OPTIONS H2	204	user-web-authentication api.together-login.bunq.com/v1/	0 0	9ms 8ms	Preflight	3.120.137.191 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.together-login.bunq.com/v1/user-web-authentication?token=65ec9a6f-6c8f-445d-be0c-ffa8c84d9606&count=1 Protocol H2 Server 3.120.137.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-137-191.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-bunq-client-request-id,x-bunq-client-version,x-bunq-language Origin https://together-login.bunq.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Sun, 24 Oct 2021 00:25:23 GMT server Apache strict-transport-security max-age=31536000 access-control-allow-origin * access-control-allow-methods POST, GET, OPTIONS access-control-allow-headers Content-Type, If-None-Match, X-Bunq-Region, X-Bunq-Language, X-Bunq-Client-Request-Id, X-Bunq-Geolocation, Cache-Control, X-Bunq-Client-Authentication, X-Bunq-Client-Signature, X-Bunq-Client-Version, User-Agent, Authorization
GET H2	200	user-web-authentication Show response api.together-login.bunq.com/v1/	9 KB 10 KB	50ms 50ms	Fetch application/json	3.120.137.191 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.together-login.bunq.com/v1/user-web-authentication?token=65ec9a6f-6c8f-445d-be0c-ffa8c84d9606&count=1 Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/dist/user_web_authentication.3c560794165857fbbc2c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.137.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-137-191.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 84163140c94c382a0b6b716ad7a30ae8ede561d880ad5ccf29b7c6cd1fceb027 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers X-Bunq-Language en_US Referer https://together-login.bunq.com/ X-Bunq-Client-Request-Id 513d6f32-e9bc-443e-9748-2f0e4d24d539 X-Bunq-Client-Version USER_WEB_AUTHENTICATION:PRODUCTION:202110210946 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 00:25:24 GMT x-content-type-options nosniff server Apache x-bunq-client-response-id 5e14d3f1-82d6-4707-adc1-cef10fa33da0 etag 84163140c94c382a0b6b716ad7a30ae8ede561d880ad5ccf29b7c6cd1fceb027 x-frame-options sameorigin access-control-allow-methods POST, GET, OPTIONS content-type application/json access-control-allow-origin * cache-control max-age=31536000 x-bunq-client-request-id 513d6f32-e9bc-443e-9748-2f0e4d24d539 strict-transport-security max-age=31536000 access-control-allow-headers Content-Type, If-None-Match, X-Bunq-Region, X-Bunq-Language, X-Bunq-Client-Request-Id, X-Bunq-Geolocation, Cache-Control, X-Bunq-Client-Authentication, X-Bunq-Client-Signature, X-Bunq-Client-Version, User-Agent, Authorization
OPTIONS H2	204	user-web-authentication api.together-login.bunq.com/v1/	0 0	8ms 8ms	Preflight	3.120.137.191 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.together-login.bunq.com/v1/user-web-authentication?token=65ec9a6f-6c8f-445d-be0c-ffa8c84d9606&count=1 Protocol H2 Server 3.120.137.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-137-191.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-bunq-client-request-id,x-bunq-client-version,x-bunq-language Origin https://together-login.bunq.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Sun, 24 Oct 2021 00:25:24 GMT server Apache strict-transport-security max-age=31536000 access-control-allow-origin * access-control-allow-methods POST, GET, OPTIONS access-control-allow-headers Content-Type, If-None-Match, X-Bunq-Region, X-Bunq-Language, X-Bunq-Client-Request-Id, X-Bunq-Geolocation, Cache-Control, X-Bunq-Client-Authentication, X-Bunq-Client-Signature, X-Bunq-Client-Version, User-Agent, Authorization
GET H2	200	user-web-authentication Show response api.together-login.bunq.com/v1/	9 KB 10 KB	49ms 49ms	Fetch application/json	3.120.137.191 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.together-login.bunq.com/v1/user-web-authentication?token=65ec9a6f-6c8f-445d-be0c-ffa8c84d9606&count=1 Requested by Host: together-login.bunq.com URL: https://together-login.bunq.com/dist/user_web_authentication.3c560794165857fbbc2c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.137.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-137-191.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 84163140c94c382a0b6b716ad7a30ae8ede561d880ad5ccf29b7c6cd1fceb027 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers X-Bunq-Language en_US Referer https://together-login.bunq.com/ X-Bunq-Client-Request-Id 8e87323d-490e-401f-8050-c1e560c6f5e5 X-Bunq-Client-Version USER_WEB_AUTHENTICATION:PRODUCTION:202110210946 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 00:25:25 GMT x-content-type-options nosniff server Apache x-bunq-client-response-id 89d22e6b-44b1-4c99-a72f-9d4f501a5052 etag 84163140c94c382a0b6b716ad7a30ae8ede561d880ad5ccf29b7c6cd1fceb027 x-frame-options sameorigin access-control-allow-methods POST, GET, OPTIONS content-type application/json access-control-allow-origin * cache-control max-age=31536000 x-bunq-client-request-id 8e87323d-490e-401f-8050-c1e560c6f5e5 strict-transport-security max-age=31536000 access-control-allow-headers Content-Type, If-None-Match, X-Bunq-Region, X-Bunq-Language, X-Bunq-Client-Request-Id, X-Bunq-Geolocation, Cache-Control, X-Bunq-Client-Authentication, X-Bunq-Client-Signature, X-Bunq-Client-Version, User-Agent, Authorization
OPTIONS H2	204	user-web-authentication api.together-login.bunq.com/v1/	0 0	8ms 8ms	Preflight	3.120.137.191 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.together-login.bunq.com/v1/user-web-authentication?token=65ec9a6f-6c8f-445d-be0c-ffa8c84d9606&count=1 Protocol H2 Server 3.120.137.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-137-191.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-bunq-client-request-id,x-bunq-client-version,x-bunq-language Origin https://together-login.bunq.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Sun, 24 Oct 2021 00:25:25 GMT server Apache strict-transport-security max-age=31536000 access-control-allow-origin * access-control-allow-methods POST, GET, OPTIONS access-control-allow-headers Content-Type, If-None-Match, X-Bunq-Region, X-Bunq-Language, X-Bunq-Client-Request-Id, X-Bunq-Geolocation, Cache-Control, X-Bunq-Client-Authentication, X-Bunq-Client-Signature, X-Bunq-Client-Version, User-Agent, Authorization

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| FontAwesomeKitConfig object| webpackChunkuser_web_authentication object| SENTRY_RELEASE object| __SENTRY__ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.together-login.bunq.com
fonts.googleapis.com
fonts.gstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
sentry.bunq.com
together-login.bunq.com
104.18.23.52
142.250.186.99
172.217.16.138
3.120.137.191
3.126.32.114
52.29.3.83
076d3be330795405e0ce72537a177e4e3d3746e2a93ea7924c4a00ef6785a8f1
0a443d5c190dbe18992c068e415ceadca0e6217c89dca19a4b210fc13a244113
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2ce4c29043d5ca2773c4f0a6500da3ec57dfcc3c2b12dc9bcf774cc07e42a8eb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49dc8f045781e8926f71a545145c2fd4633a01f56eed2c7ed8cba3119d128773
7f830c1ae2a111fac22bcfee0786f6b9477e1b6324444cfacf174cc5d7af5233
81b04b1a20817239660c462407a84ea2e50ab0163509e48094d7cf898581c165
84163140c94c382a0b6b716ad7a30ae8ede561d880ad5ccf29b7c6cd1fceb027
88118ca2604c956a31b1a7919ac0599432e3acbe6c75de7f5528e02418961878
a6f3df27fcaf8ea832e62d31e09b861160498be10b556d4c48f8fdd8f27c4548
b9de66f54952eb9ad24313dca0c2213dd9b7a9e32521f4f94da1c0f0aa08b664
cbad408ce449cf9a61d6a73fb89cbfa32868b8bfbe389a6eb8a3013544228f05
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a
e9c2df2904ee0ac9a0dcc01dbb90666d1c1fd659891fcecba4aa7f64ee0406c1
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ec83f9cccd120b3497a09d26618b516b2bd2c8e0e930919c0eda5516991901f6