urlscan.io logo urlscan.io
SecurityTrails logo

banking.apobank.de Open in urlscan Pro
199.42.15.197  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://banking.apobank.de/
Effective URL: https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2...
Submission: On October 25 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 33 HTTP transactions. The main IP is 199.42.15.197, located in Frankfurt am Main, Germany and belongs to AS6900, DE. The main domain is banking.apobank.de. The Cisco Umbrella rank of the primary domain is 610234.
TLS certificate: Issued by QuoVadis Europe EV SSL CA G1 on November 9th 2023. Valid for: a year.
This is the only time banking.apobank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 35 199.42.15.197 6900 (AS6900)
33 1
Apex Domain
Subdomains		 Transfer
35 apobank.de
banking.apobank.de — Cisco Umbrella Rank: 610234
566 KB
33 1
Domain Requested by
35 banking.apobank.de 2 redirects banking.apobank.de
33 1

This site contains links to these domains. Also see Links.

Domain
www.apobank.de
Subject Issuer Validity Valid
banking.apobank.de
QuoVadis Europe EV SSL CA G1		 2023-11-09 -
2024-11-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Frame ID: 2DC7C06969D06B8C1635A676E4FD3F10
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://banking.apobank.de/ HTTP 303
    https://banking.apobank.de/apode/wb/ui/ HTTP 303
    https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank... Page URL

Page Statistics

33
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

565 kB
Transfer

1695 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://banking.apobank.de/ HTTP 303
    https://banking.apobank.de/apode/wb/ui/ HTTP 303
    https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request access
banking.apobank.de/auth/ui/app/auth/application/
Redirect Chain
  • https://banking.apobank.de/
  • https://banking.apobank.de/apode/wb/ui/
  • https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
dada43032fa842079e20b47c7cb40eaf208d6ce85abf049b633224896a818585
Security Headers
Name Value
Content-Security-Policy default-src 'self'; object-src 'none'; script-src 'nonce-9Ad7RJUH4lEuPnIriBgT2ScGwcnBMhxwP_mwczaPTgw' 'strict-dynamic' 'self'; img-src 'self' data: https://api.futurae.com; connect-src 'self' https://api.futurae.com wss://api.futurae.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
3194
Content-Security-Policy
default-src 'self'; object-src 'none'; script-src 'nonce-9Ad7RJUH4lEuPnIriBgT2ScGwcnBMhxwP_mwczaPTgw' 'strict-dynamic' 'self'; img-src 'self' data: https://api.futurae.com; connect-src 'self' https://api.futurae.com wss://api.futurae.com; base-uri 'self'; frame-ancestors 'none';
Content-Type
text/html;charset=UTF-8
Date
Fri, 25 Oct 2024 15:41:41 GMT
Expires
0
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Keep-Alive
timeout=10, max=498
Referrer-Policy
same-origin
Server
Apache
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
168
Content-Type
text/html
Date
Fri, 25 Oct 2024 15:41:41 GMT
Keep-Alive
timeout=10, max=499
Location
/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Server
Apache
styles.0e9f2426cc7c4a06.css
banking.apobank.de/auth/ui/ 		197 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/styles.0e9f2426cc7c4a06.css
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
5b75abf698e3219d955602242c979843538048238f4bf2be737f14e072cdc938
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"202150-1725005297000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=497
Date
Fri, 25 Oct 2024 15:41:41 GMT
Last-Modified
Fri, 30 Aug 2024 08:08:17 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/css;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
iam.e8131b50722b3d67.js
banking.apobank.de/auth/ui/assets/airlock/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/assets/airlock/js/iam.e8131b50722b3d67.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
73d2de38c926993924a4df0afd4ec669364162bc69b0d02601096fddf4447340
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"6704-1719476003000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=500
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Thu, 27 Jun 2024 08:13:23 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
iam-custom.8d0d3a38780f32a3.js
banking.apobank.de/auth/ui/assets/custom/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/assets/custom/js/iam-custom.8d0d3a38780f32a3.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
26b72b07efb44741d91796073b2fb65e888b7b7661eb1cf917e49adb953475a5
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"7978-1725005306000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=500
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 30 Aug 2024 08:08:26 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
runtime.820a6b87ce7bbb39.js
banking.apobank.de/auth/ui/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/runtime.820a6b87ce7bbb39.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
96bdc86edfff1afea08831ccc6d91b78213097021eec55434f27851ae6a07feb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"6759-1719476003000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=500
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Thu, 27 Jun 2024 08:13:23 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
polyfills.5e66c8b2c76d865c.js
banking.apobank.de/auth/ui/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/polyfills.5e66c8b2c76d865c.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
05dac42a99d3c8fc3f017f578023318d7ad5ffcb3b5cd2f43a1123f6b1928f69
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"54828-1719476003000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=500
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Thu, 27 Jun 2024 08:13:23 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
scripts.e78861f7807b196a.js
banking.apobank.de/auth/ui/ 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/scripts.e78861f7807b196a.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
3d2ce9e8c21a583cf31eb9980c9abe67a92c7b2082742dc17d912717b03fb7db
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"75970-1719476003000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=499
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Thu, 27 Jun 2024 08:13:23 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
main.910ea6e7639abce4.js
banking.apobank.de/auth/ui/ 		959 KB
241 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/main.910ea6e7639abce4.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
e73313a9e6eed26a2c5d68fa2b23b4a989d600415e85bd17d7d5f8aa415612a1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"982329-1719476003000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=500
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Thu, 27 Jun 2024 08:13:23 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
apobank_logo_zusatz.57589015b59153c8.svg
banking.apobank.de/auth/ui/ 		14 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.apobank.de/auth/ui/apobank_logo_zusatz.57589015b59153c8.svg
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/styles.0e9f2426cc7c4a06.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
fed2a2217d0df22b335b49b48b374408d6c583a92e92a8066f4934b5a26c8b24
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://banking.apobank.de/auth/ui/styles.0e9f2426cc7c4a06.css

Response headers

Content-Encoding
br
ETag
W/"14576-1725005297000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=498
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 30 Aug 2024 08:08:17 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
languages
banking.apobank.de/auth/rest/public/ui/ 		194 B
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/rest/public/ui/languages
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/polyfills.5e66c8b2c76d865c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
28bda380ff6c50cd25196c8f9d997f32a8564d96f7d49c23a5c0d4983296953c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Pragma
no-cache
X-Same-Domain
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Content-Encoding
br
X-Content-Type-Options
nosniff
Expires
0
Keep-Alive
timeout=10, max=497
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 25 Oct 2024 15:41:42 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
application/vnd.api+json
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Referrer-Policy
same-origin
X-XSS-Protection
1; mode=block
Server
Apache
common.c10421734ef5aac7.js
banking.apobank.de/auth/ui/ 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/common.c10421734ef5aac7.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/runtime.820a6b87ce7bbb39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
e5b6968198b58c3df6d784712cfa8893b5648d64957356c51cf133e2cf1ed38e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"60320-1719476003000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=499
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Thu, 27 Jun 2024 08:13:23 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
9954.ee1bd23a25267265.js
banking.apobank.de/auth/ui/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/9954.ee1bd23a25267265.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/runtime.820a6b87ce7bbb39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
df0c1eb1f66a3c571f44eabe8cfc246627d6824aca55613682d74eb3df7c763c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"17891-1719476003000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=499
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Thu, 27 Jun 2024 08:13:23 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
TypoPRO-SourceSansPro-Regular.f9bdd426c7d92fb0.woff
banking.apobank.de/auth/ui/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/TypoPRO-SourceSansPro-Regular.f9bdd426c7d92fb0.woff
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/styles.0e9f2426cc7c4a06.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
37f7866a5cc00b3a553f7634a43d9b8a16a65c1c83d378cd9ec10aec22eb3d74
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/styles.0e9f2426cc7c4a06.css

Response headers

ETag
W/"28924-1725005297000"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=499
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 30 Aug 2024 08:08:17 GMT
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
font/woff
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
Content-Length
28924
X-XSS-Protection
1; mode=block
Server
Apache
de.json
banking.apobank.de/auth/ui/assets/airlock/i18n/ 		60 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/assets/airlock/i18n/de.json
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/polyfills.5e66c8b2c76d865c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
25af44a3a21f20e9ac4f7be7ddbddb6b58f2d5cc7e5e411cc2f13c82be51cf23
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
-951931805
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=498
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 27 Sep 2024 08:17:38 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
application/json;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=0
Connection
Keep-Alive
Referrer-Policy
same-origin
X-XSS-Protection
1; mode=block
Server
Apache
9970.021e1ccb20fbdbba.js
banking.apobank.de/auth/ui/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/9970.021e1ccb20fbdbba.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/runtime.820a6b87ce7bbb39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
e76fcdb337885c905c09566cb6bf2ec68b47b80adef3a77a56c0c0fb0b211d9d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"1605-1719476003000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=498
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Thu, 27 Jun 2024 08:13:23 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
access
banking.apobank.de/auth/rest/public/authentication/ui/configuration/ 		46 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/rest/public/authentication/ui/configuration/access
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/polyfills.5e66c8b2c76d865c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
223366f475b88c47170754ba1c0e4b0c9daa54aaf72c6188fd6caa89f0f0d937
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Accept-Language
de
Pragma
no-cache
X-Same-Domain
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Content-Encoding
br
X-Content-Type-Options
nosniff
Expires
0
Keep-Alive
timeout=10, max=497
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 25 Oct 2024 15:41:42 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
application/vnd.api+json
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Referrer-Policy
same-origin
X-XSS-Protection
1; mode=block
Server
Apache
favicon.ico
banking.apobank.de/auth/ui/assets/custom/img/ 		3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/assets/custom/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
912a92e1585fe0e14bea09bf6f1ea6fd4e818842da21c9e267dc8ab28a6cf438
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Strict-Transport-Security
max-age=16070400
ETag
W/"2969-1725005300000"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Accept-Ranges
bytes
Content-Length
2969
Keep-Alive
timeout=10, max=498
Date
Fri, 25 Oct 2024 15:41:42 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 30 Aug 2024 08:08:20 GMT
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Server
Apache
Content-Type
image/x-icon
X-Frame-Options
SAMEORIGIN
flow
banking.apobank.de/auth/rest/public/authentication/ 		0
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/rest/public/authentication/flow
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/polyfills.5e66c8b2c76d865c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Accept-Language
de
Pragma
no-cache
X-Same-Domain
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=16070400
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Expires
0
Keep-Alive
timeout=10, max=496
Date
Fri, 25 Oct 2024 15:41:42 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 25 Oct 2024 15:41:42 GMT
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Server
Apache
X-Frame-Options
SAMEORIGIN
access
banking.apobank.de/auth/rest/public/authentication/location/ 		191 B
930 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/rest/public/authentication/location/access
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/polyfills.5e66c8b2c76d865c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
94d4c69779f178098f7dc79381b172da4b7179562e4e6f1a727e03136cf6b2ed
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Accept-Language
de
Pragma
no-cache
X-Same-Domain
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

X-Content-Type-Options
nosniff
Expires
0
Keep-Alive
timeout=10, max=495
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 25 Oct 2024 15:41:42 GMT
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
application/vnd.api+json
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400
Cache-Control
no-store, no-cache, must-revalidate
WWW-Authenticate
None
Connection
Keep-Alive
Referrer-Policy
same-origin
Content-Length
191
X-XSS-Protection
1; mode=block
Server
Apache
interpret
banking.apobank.de/auth/rest/public/authentication/location/ 		157 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/rest/public/authentication/location/interpret
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/polyfills.5e66c8b2c76d865c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
66ca3f789fd2741bb6fc1bb2270805124652acdb2b6ee67c2b24013a0461d5fc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Accept-Language
de
Pragma
no-cache
X-Same-Domain
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Content-Encoding
br
X-Content-Type-Options
nosniff
Expires
0
Keep-Alive
timeout=10, max=494
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 25 Oct 2024 15:41:42 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
application/vnd.api+json
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Referrer-Policy
same-origin
X-XSS-Protection
1; mode=block
Server
Apache
configuration
banking.apobank.de/auth/rest/public/authentication/ui/ 		327 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/rest/public/authentication/ui/configuration
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/polyfills.5e66c8b2c76d865c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
82233f77dad75f4c0dc0077ec32d1a43f40e809c0dbfd13b1286ec422326b6b7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Accept-Language
de
Pragma
no-cache
X-Same-Domain
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Content-Encoding
br
X-Content-Type-Options
nosniff
Expires
0
Keep-Alive
timeout=10, max=493
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 25 Oct 2024 15:41:42 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
application/vnd.api+json
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Referrer-Policy
same-origin
X-XSS-Protection
1; mode=block
Server
Apache
7871.6f6a4e7f3344bce4.js
banking.apobank.de/auth/ui/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/7871.6f6a4e7f3344bce4.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/runtime.820a6b87ce7bbb39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
0ce29ddc9d7731116a39b94b2e80156fe4eec65d59a20cdcfc03610a9b8ce2dc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"11619-1719476003000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=492
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Thu, 27 Jun 2024 08:13:23 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
9243.1d8c46cf54e0b644.js
banking.apobank.de/auth/ui/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/9243.1d8c46cf54e0b644.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/runtime.820a6b87ce7bbb39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
b77a8b10f57dc8a5fc17b625308f089b684c31dee0b8ef05696ef0446acedebe
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"31472-1719476003000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=497
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Thu, 27 Jun 2024 08:13:23 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
4870.63954d2088272846.js
banking.apobank.de/auth/ui/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/4870.63954d2088272846.js
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/runtime.820a6b87ce7bbb39.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
df4700eedc38fa48f2f2f4dd4c52f4a495c890ead98347665ac3538042a4bfdb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F

Response headers

Content-Encoding
br
ETag
W/"12812-1719476003000-br"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=497
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Thu, 27 Jun 2024 08:13:23 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
text/javascript;charset=UTF-8
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
Apache
configuration
banking.apobank.de/auth/rest/public/authentication/ui/ 		327 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/rest/public/authentication/ui/configuration
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/polyfills.5e66c8b2c76d865c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
65c44d48596ed218bf1d1c367783f387101109c49b794b22e36b648a66e7b561
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://banking.apobank.de/auth/ui/app/auth/application/access?Location=https%3A%2F%2Fbanking%2Eapobank%2Ede%2Fapode%2Fwb%2Fui%2F
Accept-Language
de
Pragma
no-cache
X-Continue-Flow
true
X-Same-Domain
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

Content-Encoding
br
X-Content-Type-Options
nosniff
Expires
0
Keep-Alive
timeout=10, max=496
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 25 Oct 2024 15:41:42 GMT
Vary
Accept-Encoding
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
application/vnd.api+json
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070400
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Referrer-Policy
same-origin
X-XSS-Protection
1; mode=block
Server
Apache
maintenance-messages
banking.apobank.de/auth/rest/public/ 		99 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/rest/public/maintenance-messages?filter=location%3D%40MaintenanceMessage
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/polyfills.5e66c8b2c76d865c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
6f83f1f541d680476898886db66eff18e151a07cbd4fba8b1b08cfd28b6ce2bd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *
Public-Key-Pins pin-sha256="PWlLPCUgP7oSB/tsR/x8LxyuVL+/J6hI9tevRiTe4hU="; max-age=16070400; includeSubDomains
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Security-Policy default-src 'self'; allow 'self'; img-src *
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://banking.apobank.de/auth/ui/app/auth/flow/apo-afp/password
Accept-Language
de
Pragma
no-cache
X-Continue-Flow
true
X-Same-Domain
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

X-Content-Type-Options
nosniff
Expires
0
Keep-Alive
timeout=10, max=495
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 25 Oct 2024 15:41:42 GMT
Content-Type
application/vnd.api+json
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self'; img-src *
Cache-Control
no-store, no-cache, must-revalidate
X-Content-Security-Policy
default-src 'self'; allow 'self'; img-src *
Connection
Keep-Alive
Content-Length
99
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="PWlLPCUgP7oSB/tsR/x8LxyuVL+/J6hI9tevRiTe4hU="; max-age=16070400; includeSubDomains
Server
Apache
TypoPRO-SourceSansPro-Semibold.c5a8ee10451a612e.woff
banking.apobank.de/auth/ui/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/TypoPRO-SourceSansPro-Semibold.c5a8ee10451a612e.woff
Requested by
Host: banking.apobank.de
URL: https://banking.apobank.de/auth/ui/styles.0e9f2426cc7c4a06.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
55b9f30c1f83a803d907a35815857d694d8fbdaceaa90c43c17478819e77379b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://banking.apobank.de
Referer
https://banking.apobank.de/auth/ui/styles.0e9f2426cc7c4a06.css

Response headers

ETag
W/"28564-1725005297000"
X-Content-Type-Options
nosniff
Keep-Alive
timeout=10, max=496
Date
Fri, 25 Oct 2024 15:41:42 GMT
Last-Modified
Fri, 30 Aug 2024 08:08:17 GMT
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Content-Type
font/woff
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400
Cache-Control
public, max-age=31536000
Connection
Keep-Alive
Referrer-Policy
same-origin
Accept-Ranges
bytes
Content-Length
28564
X-XSS-Protection
1; mode=block
Server
Apache
apoBank-sicherheitshinweis_banner_b.jpg
banking.apobank.de/auth/ui/assets/custom/img/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.apobank.de/auth/ui/assets/custom/img/apoBank-sicherheitshinweis_banner_b.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
284e06281e97f86430f6dee31e1ae649927872b704e7896528101a1088029445
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://banking.apobank.de/auth/ui/app/auth/flow/apo-afp/password

Response headers

Strict-Transport-Security
max-age=16070400
ETag
W/"88086-1725005300000"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Accept-Ranges
bytes
Content-Length
88086
Keep-Alive
timeout=10, max=494
Date
Fri, 25 Oct 2024 15:41:42 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 30 Aug 2024 08:08:20 GMT
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Server
Apache
Content-Type
image/jpeg
X-Frame-Options
SAMEORIGIN
apoBank_Icon_apoBlau_Datenschutz_allgemein_150.png
banking.apobank.de/auth/ui/assets/custom/img/web30/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.apobank.de/auth/ui/assets/custom/img/web30/apoBank_Icon_apoBlau_Datenschutz_allgemein_150.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
ceceb4de3fde85dac4fc2e0786cea1cc8a062be03906c4e8a7797f42c23fa9ca
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://banking.apobank.de/auth/ui/app/auth/flow/apo-afp/password

Response headers

Strict-Transport-Security
max-age=16070400
ETag
W/"10849-1725005300000"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Accept-Ranges
bytes
Content-Length
10849
Keep-Alive
timeout=10, max=496
Date
Fri, 25 Oct 2024 15:41:42 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 30 Aug 2024 08:08:20 GMT
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Server
Apache
Content-Type
image/png
X-Frame-Options
SAMEORIGIN
apoBank_Icon_apoBlau_Absicherung_150.png
banking.apobank.de/auth/ui/assets/custom/img/web30/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.apobank.de/auth/ui/assets/custom/img/web30/apoBank_Icon_apoBlau_Absicherung_150.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
2f86a4df953346f6aa499e74b2005ded7dee8feb9c561e0cd6e4f138fe145422
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://banking.apobank.de/auth/ui/app/auth/flow/apo-afp/password

Response headers

Strict-Transport-Security
max-age=16070400
ETag
W/"16144-1725005300000"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Accept-Ranges
bytes
Content-Length
16144
Keep-Alive
timeout=10, max=491
Date
Fri, 25 Oct 2024 15:41:42 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 30 Aug 2024 08:08:20 GMT
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Server
Apache
Content-Type
image/png
X-Frame-Options
SAMEORIGIN
apobank_icon_apoblau_Email-Finanzen_150.png
banking.apobank.de/auth/ui/assets/custom/img/web30/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.apobank.de/auth/ui/assets/custom/img/web30/apobank_icon_apoblau_Email-Finanzen_150.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
b6887ef557631e60ee0329b72030f8a7a59e229225ed350af45e501199289eac
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://banking.apobank.de/auth/ui/app/auth/flow/apo-afp/password

Response headers

Strict-Transport-Security
max-age=16070400
ETag
W/"3093-1725005300000"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Accept-Ranges
bytes
Content-Length
3093
Keep-Alive
timeout=10, max=496
Date
Fri, 25 Oct 2024 15:41:42 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 30 Aug 2024 08:08:20 GMT
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Server
Apache
Content-Type
image/png
X-Frame-Options
SAMEORIGIN
phone.png
banking.apobank.de/auth/ui/assets/custom/img/ 		791 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banking.apobank.de/auth/ui/assets/custom/img/phone.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
ff5e705e4ecb01e397cb0547c1f33f8f7b5119604c0baaa3f253022ac58779ec
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://banking.apobank.de/auth/ui/app/auth/flow/apo-afp/password

Response headers

Strict-Transport-Security
max-age=16070400
ETag
W/"791-1725005300000"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Accept-Ranges
bytes
Content-Length
791
Keep-Alive
timeout=10, max=499
Date
Fri, 25 Oct 2024 15:41:42 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 30 Aug 2024 08:08:20 GMT
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Server
Apache
Content-Type
image/png
X-Frame-Options
SAMEORIGIN
favicon.ico
banking.apobank.de/auth/ui/assets/custom/img/ 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://banking.apobank.de/auth/ui/assets/custom/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.42.15.197 Frankfurt am Main, Germany, ASN6900 (AS6900, DE),
Reverse DNS
Software
Apache /
Resource Hash
912a92e1585fe0e14bea09bf6f1ea6fd4e818842da21c9e267dc8ab28a6cf438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://banking.apobank.de/auth/ui/app/auth/flow/apo-afp/password

Response headers

ETag
W/"2969-1725005300000"
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Accept-Ranges
bytes
Content-Length
2969
Date
Fri, 25 Oct 2024 15:41:42 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 30 Aug 2024 08:08:20 GMT
Feature-Policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Server
Apache
Content-Type
image/x-icon
X-Frame-Options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| iam object| webpackChunkapp function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched boolean| __zone_symbol__ononscrollsnapchangepatched boolean| __zone_symbol__ononscrollsnapchangingpatched function| __zone_symbol__queueMicrotask object| Arrive number| uidEvent object| __zone_symbol__loadfalse object| __zone_symbol__resizefalse object| bootstrap object| Mustache function| _ object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| arrive function| unbindArrive function| leave function| unbindLeave function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

2 Cookies

Domain/Path Name / Value
.banking.apobank.de/ Name: AL_SESS-S
Value: AebqMf5i61wbN_dnIv5EjZq4lfq6vpB1mIrijUaiJY4X!SbYIq6jgljQZk7qB2r_aBa0
.banking.apobank.de/ Name: CSRFT759-S
Value: EZrJaKt43VVz1xn24OdQQw

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
network error URL: https://banking.apobank.de/auth/rest/public/authentication/location/access
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
recommendation verbose URL: https://banking.apobank.de/auth/ui/app/auth/flow/apo-afp/password
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; object-src 'none'; script-src 'nonce-9Ad7RJUH4lEuPnIriBgT2ScGwcnBMhxwP_mwczaPTgw' 'strict-dynamic' 'self'; img-src 'self' data: https://api.futurae.com; connect-src 'self' https://api.futurae.com wss://api.futurae.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banking.apobank.de
199.42.15.197
05dac42a99d3c8fc3f017f578023318d7ad5ffcb3b5cd2f43a1123f6b1928f69
0ce29ddc9d7731116a39b94b2e80156fe4eec65d59a20cdcfc03610a9b8ce2dc
223366f475b88c47170754ba1c0e4b0c9daa54aaf72c6188fd6caa89f0f0d937
25af44a3a21f20e9ac4f7be7ddbddb6b58f2d5cc7e5e411cc2f13c82be51cf23
26b72b07efb44741d91796073b2fb65e888b7b7661eb1cf917e49adb953475a5
284e06281e97f86430f6dee31e1ae649927872b704e7896528101a1088029445
28bda380ff6c50cd25196c8f9d997f32a8564d96f7d49c23a5c0d4983296953c
2f86a4df953346f6aa499e74b2005ded7dee8feb9c561e0cd6e4f138fe145422
37f7866a5cc00b3a553f7634a43d9b8a16a65c1c83d378cd9ec10aec22eb3d74
3d2ce9e8c21a583cf31eb9980c9abe67a92c7b2082742dc17d912717b03fb7db
55b9f30c1f83a803d907a35815857d694d8fbdaceaa90c43c17478819e77379b
5b75abf698e3219d955602242c979843538048238f4bf2be737f14e072cdc938
65c44d48596ed218bf1d1c367783f387101109c49b794b22e36b648a66e7b561
66ca3f789fd2741bb6fc1bb2270805124652acdb2b6ee67c2b24013a0461d5fc
6f83f1f541d680476898886db66eff18e151a07cbd4fba8b1b08cfd28b6ce2bd
73d2de38c926993924a4df0afd4ec669364162bc69b0d02601096fddf4447340
82233f77dad75f4c0dc0077ec32d1a43f40e809c0dbfd13b1286ec422326b6b7
912a92e1585fe0e14bea09bf6f1ea6fd4e818842da21c9e267dc8ab28a6cf438
94d4c69779f178098f7dc79381b172da4b7179562e4e6f1a727e03136cf6b2ed
96bdc86edfff1afea08831ccc6d91b78213097021eec55434f27851ae6a07feb
b6887ef557631e60ee0329b72030f8a7a59e229225ed350af45e501199289eac
b77a8b10f57dc8a5fc17b625308f089b684c31dee0b8ef05696ef0446acedebe
ceceb4de3fde85dac4fc2e0786cea1cc8a062be03906c4e8a7797f42c23fa9ca
dada43032fa842079e20b47c7cb40eaf208d6ce85abf049b633224896a818585
df0c1eb1f66a3c571f44eabe8cfc246627d6824aca55613682d74eb3df7c763c
df4700eedc38fa48f2f2f4dd4c52f4a495c890ead98347665ac3538042a4bfdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b6968198b58c3df6d784712cfa8893b5648d64957356c51cf133e2cf1ed38e
e73313a9e6eed26a2c5d68fa2b23b4a989d600415e85bd17d7d5f8aa415612a1
e76fcdb337885c905c09566cb6bf2ec68b47b80adef3a77a56c0c0fb0b211d9d
fed2a2217d0df22b335b49b48b374408d6c583a92e92a8066f4934b5a26c8b24
ff5e705e4ecb01e397cb0547c1f33f8f7b5119604c0baaa3f253022ac58779ec