sfa.vontobel.com Open in urlscan Pro
217.26.33.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sfa.vontobel.com/
Effective URL:
https://sfa.vontobel.com/auth/login
Submission: On September 05 via manual (September 5th 2024, 6:28:32 am UTC) from CH — Scanned from CH

Summary HTTP 15 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 217.26.33.40, located in Switzerland and belongs to BSOURCE-AS, CH. The main domain is sfa.vontobel.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 20th 2024. Valid for: a year.

This is the only time sfa.vontobel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
7 22	217.26.33.40 217.26.33.40		197312 (BSOURCE-AS) (BSOURCE-AS)
15	1

22 217.26.33.40 (Switzerland) 7 redirects

ASN197312 (BSOURCE-AS, CH)

sfa.vontobel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	vontobel.com 7 redirects sfa.vontobel.com	281 KB
15	1

	Domain	Requested by
22	sfa.vontobel.com	7 redirects sfa.vontobel.com
15	1

This site contains links to these domains. Also see Links.

Domain
www.vontobel.com
www.vontobelsfa.com

Subject Issuer	Validity	Valid
www.sfa.vontobel.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-20` - `2025-06-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sfa.vontobel.com/auth/login
Frame ID: E22DE407BF158F1401B9B7CB7B2462A8
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online

Page URL History Show full URLs

http://sfa.vontobel.com/ HTTP 307
https://sfa.vontobel.com/ HTTP 303
https://sfa.vontobel.com/sfach/wb/ui/ HTTP 303
https://sfa.vontobel.com/auth/check-login?Location=https%3A%2F%2Fsfa%2Evontobel%2Ecom%2Fsfach%2Fwb%2F... HTTP 302
https://sfa.vontobel.com/auth/login Page URL

Detected technologies

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

73 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

276 kB
Transfer

265 kB
Size

2
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vontobel.com/document/4b36bc58-7378-46cb-8843-f2375cacb0cb/e-banking-imp-legal-info.pdf
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://www.vontobelsfa.com/globalassets/sfa/documents/alert-on-fraudsters-via-whatsapp-internet-and-email-communication-to-clients.pdf
Title: Alert on fraudsters via WhatsApp communication

Search URL Search Domain Scan URL

URL: https://www.vontobel.com/document/cfd5e9a8-2d47-431d-b742-f51de2fc13d7/sfa-user-guide.pdf
Title: Help

Search URL Search Domain Scan URL

URL: https://www.vontobelsfa.com/en-int/legal-notice/terms-and-conditions-of-use/
Title: Legal information

Search URL Search Domain Scan URL

URL: https://www.vontobel.com/document/2c3d381a-5081-450b-aeef-3cc12126c212/e-banking-privacy-statement.pdf
Title: Privacy statement

Search URL Search Domain Scan URL

URL: https://www.vontobel.com/document/af700410-ef06-4d01-bbb2-e2e197ba859b/e-banking-email-discl.pdf
Title: E-Mail disclosure

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sfa.vontobel.com/ HTTP 307
https://sfa.vontobel.com/ HTTP 303
https://sfa.vontobel.com/sfach/wb/ui/ HTTP 303
https://sfa.vontobel.com/auth/check-login?Location=https%3A%2F%2Fsfa%2Evontobel%2Ecom%2Fsfach%2Fwb%2Fui%2F HTTP 302
https://sfa.vontobel.com/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://sfa.vontobel.com/auth/css/none HTTP 303
https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjH3x_1Lt3UlQ7BFoQgAAABA

Request Chain 11

https://sfa.vontobel.com/auth/images/afpaas/favicon/favicon.ico HTTP 303
https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMrQAAAOA

Request Chain 12

https://sfa.vontobel.com/auth/images/afpaas/favicon/favicon-32x32.png HTTP 303
https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMrwAAAN4

Request Chain 13

https://sfa.vontobel.com/auth/images/afpaas/favicon/favicon-16x16.png HTTP 303
https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMsQAAAPI

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
sfa.vontobel.com/auth/
Redirect Chain

http://sfa.vontobel.com/
https://sfa.vontobel.com/
https://sfa.vontobel.com/sfach/wb/ui/
https://sfa.vontobel.com/auth/check-login?Location=https%3A%2F%2Fsfa%2Evontobel%2Ecom%2Fsfach%2Fwb%2Fui%2F
https://sfa.vontobel.com/auth/login

6 KB
7 KB

40ms
40ms

Document
text/html

217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/auth/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

e4a957dad22ad92d08f020f0a109e7b6bf5fa4a1aae92ff98da4f7eb836aa6b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: private, max-age=0, no-store, no-cache
Connection: Keep-Alive
Content-Language: en
Content-Length: 6066
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Content-Type: text/html;charset=UTF-8
Date: Thu, 05 Sep 2024 06:28:27 GMT
Expires: 01/01/99 20:00:00 GMT
Keep-Alive: timeout=10, max=497
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0, no-store, no-cache
Connection: Keep-Alive
Content-Length: 0
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Content-Type: text/plain;charset=utf-8
Date: Thu, 05 Sep 2024 06:28:27 GMT
Expires: 01/01/99 20:00:00 GMT
Keep-Alive: timeout=10, max=498
Location: login
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK afpaas-iam.css
sfa.vontobel.com/auth/css/ 56 KB
56 KB 42ms
40ms Stylesheet
text/css 217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/auth/css/afpaas-iam.css

Requested by

Host: sfa.vontobel.com
URL: https://sfa.vontobel.com/auth/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

fafaa12f26d4b0a9110c820f7caae7fbb5b851a7b96993da4749b7969d339143

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 06:28:27 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Last-Modified: Sat, 18 May 2024 08:45:37 GMT
Server: Apache
ETag: W/"56993-1716021937138"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=496
Content-Length: 56993
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
sfa.vontobel.com/auth/js/airlock/ 87 KB
88 KB 100ms
37ms Script
application/javascript 217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/auth/js/airlock/jquery-3.5.1.min.js

Requested by

Host: sfa.vontobel.com
URL: https://sfa.vontobel.com/auth/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 06:28:27 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Last-Modified: Tue, 17 Jan 2023 14:55:01 GMT
Server: Apache
ETag: W/"89476-1673967301000"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Content-Length: 89476
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
sfa.vontobel.com/auth/js/airlock/ 870 B
2 KB 103ms
35ms Script
application/javascript 217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/auth/js/airlock/main.js?r=f276b1cb-855f-40ac-862f-2e820fa4fbc9

Requested by

Host: sfa.vontobel.com
URL: https://sfa.vontobel.com/auth/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

e33008091af980090e595f8749b1dac1bb49dcc7a69d68fed428ba124db3db2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 06:28:27 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Last-Modified: Tue, 17 Jan 2023 14:55:01 GMT
Server: Apache
ETag: W/"870-1673967301000"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Content-Length: 870
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cookieconsent.min.css
sfa.vontobel.com/auth/css/ 4 KB
5 KB 98ms
36ms Stylesheet
text/css 217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/auth/css/cookieconsent.min.css

Requested by

Host: sfa.vontobel.com
URL: https://sfa.vontobel.com/auth/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 06:28:27 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Last-Modified: Sat, 18 May 2024 08:45:37 GMT
Server: Apache
ETag: W/"4064-1716021937138"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Content-Length: 4064
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK afpaas.js Show response
sfa.vontobel.com/auth/js/ 393 B
1 KB 106ms
37ms Script
application/javascript 217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/auth/js/afpaas.js

Requested by

Host: sfa.vontobel.com
URL: https://sfa.vontobel.com/auth/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7f9cac61d797ed16e0cac5071845dd228ec05932b07c7661e3249c0cc8f1c64d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 06:28:27 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Last-Modified: Sat, 18 May 2024 08:45:37 GMT
Server: Apache
ETag: W/"393-1716021937203"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Content-Length: 393
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cookieconsent.min.js Show response
sfa.vontobel.com/auth/js/ 20 KB
21 KB 108ms
37ms Script
application/javascript 217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/auth/js/cookieconsent.min.js

Requested by

Host: sfa.vontobel.com
URL: https://sfa.vontobel.com/auth/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 06:28:27 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Last-Modified: Sat, 18 May 2024 08:45:37 GMT
Server: Apache
ETag: W/"20808-1716021937204"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Content-Length: 20808
X-XSS-Protection: 1; mode=block

GET
H/1.1

404
Not Found

404.html
sfa.vontobel.com/error_path/
Redirect Chain

https://sfa.vontobel.com/auth/css/none
https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjH3x_1Lt3UlQ7BFoQgAAABA

711 B
711 B

32ms
30ms

Image
text/html

217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjH3x_1Lt3UlQ7BFoQgAAABA

Requested by

Host: sfa.vontobel.com
URL: https://sfa.vontobel.com/auth/css/afpaas-iam.css

Protocol

HTTP/1.1

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

cca6e8282c21fe66448655297f2484fa5b4cf769d5070634c95ae53db603b159

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/css/afpaas-iam.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Server: Apache
Content-Type: text/html
Location: /error_path/404.html?al_req_id=ZtlPjH3x_1Lt3UlQ7BFoQgAAABA
Connection: Keep-Alive
Keep-Alive: timeout=10, max=499
Content-Length: 123
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo-2x.png
sfa.vontobel.com/auth/images/logos/ 11 KB
11 KB 40ms
39ms Image
image/png 217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sfa.vontobel.com/auth/images/logos/logo-2x.png

Requested by

Host: sfa.vontobel.com
URL: https://sfa.vontobel.com/auth/css/afpaas-iam.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

dc7f4b790524b6b8f0d14e305aa908c7a4968a04f44b2097e84a6768ab130444

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/css/afpaas-iam.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Last-Modified: Sat, 18 May 2024 08:45:37 GMT
Server: Apache
ETag: W/"10828-1716021937203"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=499
Content-Length: 10828
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK VontobelSans-Book.woff2
sfa.vontobel.com/auth/fonts/vontobel/ 26 KB
27 KB 37ms
37ms Font
font/woff2 217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/auth/fonts/vontobel/VontobelSans-Book.woff2

Requested by

Host: sfa.vontobel.com
URL: https://sfa.vontobel.com/auth/css/afpaas-iam.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

b9fec5fa1f4e832397df129c67288dfa1b98318c3d74c238c07727ad1cae35d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/css/afpaas-iam.css
Origin: https://sfa.vontobel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Last-Modified: Sat, 18 May 2024 08:45:37 GMT
Server: Apache
ETag: W/"26584-1716021937179"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=499
Content-Length: 26584
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK VontobelSans-Bold.woff2
sfa.vontobel.com/auth/fonts/vontobel/ 26 KB
27 KB 38ms
38ms Font
font/woff2 217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/auth/fonts/vontobel/VontobelSans-Bold.woff2

Requested by

Host: sfa.vontobel.com
URL: https://sfa.vontobel.com/auth/css/afpaas-iam.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

d0ea84cfb7683b8f262d2066789426115f3a5b16b206ccce5a12faa4ca06c922

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/css/afpaas-iam.css
Origin: https://sfa.vontobel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Last-Modified: Sat, 18 May 2024 08:45:37 GMT
Server: Apache
ETag: W/"26528-1716021937176"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=499
Content-Length: 26528
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK VontobelSans-SemiBold.woff2
sfa.vontobel.com/auth/fonts/vontobel/ 26 KB
26 KB 39ms
39ms Font
font/woff2 217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/auth/fonts/vontobel/VontobelSans-SemiBold.woff2

Requested by

Host: sfa.vontobel.com
URL: https://sfa.vontobel.com/auth/css/afpaas-iam.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

0b097da04254457340dedbd1f06e620e9051b74208e8c04727a665cb9d7ab01d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/css/afpaas-iam.css
Origin: https://sfa.vontobel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Last-Modified: Sat, 18 May 2024 08:45:37 GMT
Server: Apache
ETag: W/"26328-1716021937185"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=498
Content-Length: 26328
X-XSS-Protection: 1; mode=block

GET
H/1.1

404
Not Found

404.html
sfa.vontobel.com/error_path/
Redirect Chain

https://sfa.vontobel.com/auth/images/afpaas/favicon/favicon.ico
https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMrQAAAOA

711 B
1 KB

35ms
34ms

Other
text/html

217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMrQAAAOA

Protocol

HTTP/1.1

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

30942c1aa1081f614ba0b1d456fb4c58d550121784cb8d666326beea840ca18e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=10, max=497
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Server: Apache
Content-Type: text/html
Location: /error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMrQAAAOA
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
Content-Length: 123
X-XSS-Protection: 1; mode=block

GET
H/1.1

404
Not Found

404.html
sfa.vontobel.com/error_path/
Redirect Chain

https://sfa.vontobel.com/auth/images/afpaas/favicon/favicon-32x32.png
https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMrwAAAN4

711 B
1 KB

32ms
32ms

Other
text/html

217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMrwAAAN4

Protocol

HTTP/1.1

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

de6ab8bdf58480dde086d095b4f30581ba9f72fecc2f1a23423ff5af6debae8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=10, max=496
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Server: Apache
Content-Type: text/html
Location: /error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMrwAAAN4
Connection: Keep-Alive
Keep-Alive: timeout=10, max=497
Content-Length: 123
X-XSS-Protection: 1; mode=block

GET
H/1.1

404
Not Found

404.html
sfa.vontobel.com/error_path/
Redirect Chain

https://sfa.vontobel.com/auth/images/afpaas/favicon/favicon-16x16.png
https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMsQAAAPI

711 B
1 KB

33ms
33ms

Other
text/html

217.26.33.40
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMsQAAAPI

Protocol

HTTP/1.1

Server

217.26.33.40 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

88f48100e7acce7ece7dfe7562b29d533e12f633cbcba7a74614347abb6a32aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfa.vontobel.com/auth/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=10, max=494
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Thu, 05 Sep 2024 06:28:28 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Server: Apache
Content-Type: text/html
Location: /error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMsQAAAPI
Connection: Keep-Alive
Keep-Alive: timeout=10, max=495
Content-Length: 123
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sfa.vontobel.com/	1969-12-31 23:59:59	Name: AL_SESS_SFA-S Value: Aak40ZswOlGjZBd2d4MoG9HhxlTnb0FVEhvKohVkjdPBX05qAucIeUFYautEqrR4x5cV
			.sfa.vontobel.com/	1969-12-31 23:59:59	Name: CSRFT759-S Value: U9hUIWWI3WFhayZ1hoyJVQ

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://sfa.vontobel.com/auth/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjH3x_1Lt3UlQ7BFoQgAAABA Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMrQAAAOA Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMrwAAAN4 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sfa.vontobel.com/error_path/404.html?al_req_id=ZtlPjIbWyMILpi42G7rMsQAAAPI Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline'; media-src 'self'
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sfa.vontobel.com
217.26.33.40
0b097da04254457340dedbd1f06e620e9051b74208e8c04727a665cb9d7ab01d
30942c1aa1081f614ba0b1d456fb4c58d550121784cb8d666326beea840ca18e
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7f9cac61d797ed16e0cac5071845dd228ec05932b07c7661e3249c0cc8f1c64d
88f48100e7acce7ece7dfe7562b29d533e12f633cbcba7a74614347abb6a32aa
b9fec5fa1f4e832397df129c67288dfa1b98318c3d74c238c07727ad1cae35d9
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cca6e8282c21fe66448655297f2484fa5b4cf769d5070634c95ae53db603b159
d0ea84cfb7683b8f262d2066789426115f3a5b16b206ccce5a12faa4ca06c922
dc7f4b790524b6b8f0d14e305aa908c7a4968a04f44b2097e84a6768ab130444
de6ab8bdf58480dde086d095b4f30581ba9f72fecc2f1a23423ff5af6debae8d
e33008091af980090e595f8749b1dac1bb49dcc7a69d68fed428ba124db3db2a
e4a957dad22ad92d08f020f0a109e7b6bf5fa4a1aae92ff98da4f7eb836aa6b4
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fafaa12f26d4b0a9110c820f7caae7fbb5b851a7b96993da4749b7969d339143

sfa.vontobel.com Open in urlscan Pro 217.26.33.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

73 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

276 kBTransfer

265 kBSize

2 Cookies

6 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

2 Cookies

5 Console Messages

Security Headers

Indicators

sfa.vontobel.com Open in urlscan Pro
217.26.33.40 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

73 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

276 kB
Transfer

265 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions