Submitted URL: http://nab.ch/
Effective URL: https://www.nab.ch/
Submission: On February 03 via manual from CH

Summary

This website contacted 17 IPs in 6 countries across 15 domains to perform 61 HTTP transactions. The main IP is 193.72.166.65, located in Switzerland and belongs to ARPAGE, CH. The main domain is www.nab.ch.
TLS certificate: Issued by QuoVadis EV SSL ICA G1 on December 12th 2019. Valid for: 2 years.
This is the only time www.nab.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
37 www.nab.ch www.nab.ch
5 assets.adobedtm.com www.nab.ch
assets.adobedtm.com
4 dpm.demdex.net 1 redirects www.nab.ch
2 sdc2.credit-suisse.com assets.adobedtm.com
2 connect.facebook.net www.nab.ch
connect.facebook.net
2 chat.nab.ch www.nab.ch
2 nab.ch 2 redirects
1 www.nabhome.ch www.nab.ch
1 creditsuisse.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 creditsuisse.demdex.net assets.adobedtm.com
1 s.ytimg.com www.youtube.com
1 www.google.de www.nab.ch
1 www.google.com www.nab.ch
1 www.facebook.com www.nab.ch
1 www.youtube.com assets.adobedtm.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com assets.adobedtm.com
61 18
Subject Issuer Validity Valid
www.nab.ch
QuoVadis EV SSL ICA G1
2019-12-12 -
2021-12-12
2 years crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA
2019-10-22 -
2021-10-01
2 years crt.sh
chat.nab.ch
QuoVadis EV SSL ICA G1
2019-12-12 -
2021-12-12
2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-01-16 -
2020-04-15
3 months crt.sh
www.googleadservices.com
GTS CA 1O1
2020-01-14 -
2020-04-07
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-01-14 -
2020-04-07
3 months crt.sh
*.google.com
GTS CA 1O1
2020-01-14 -
2020-04-07
3 months crt.sh
www.google.com
GTS CA 1O1
2020-01-14 -
2020-04-07
3 months crt.sh
www.google.de
GTS CA 1O1
2020-01-14 -
2020-04-07
3 months crt.sh
sdc2.credit-suisse.com
DigiCert SHA2 High Assurance Server CA
2019-06-17 -
2020-09-23
a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 High Assurance Server CA
2017-10-19 -
2020-11-25
3 years crt.sh
www.nabhome.ch
QuoVadis EV SSL ICA G1
2019-12-12 -
2021-12-12
2 years crt.sh

This page contains 2 frames:

Primary Page: https://www.nab.ch/
Frame ID: BE0B6349F54393E0A2039FC161C99C1E
Requests: 61 HTTP requests in this frame

Frame: https://creditsuisse.demdex.net/dest5.html?d_nsid=0
Frame ID: B232D4FDF1A92644D58DF0314D4EA808
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://nab.ch/ HTTP 301
    https://nab.ch/ HTTP 301
    https://www.nab.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+ href="typo3(?:conf|temp)\//i
  • script /^typo3(?:conf|temp)\//i
  • meta generator /TYPO3\s+(?:CMS\s+)?([\d.]+)?(?:\s+CMS)?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+ href="typo3(?:conf|temp)\//i
  • script /^typo3(?:conf|temp)\//i
  • meta generator /TYPO3\s+(?:CMS\s+)?([\d.]+)?(?:\s+CMS)?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/s[_-]code.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

61
Requests

100 %
HTTPS

41 %
IPv6

15
Domains

18
Subdomains

17
IPs

6
Countries

2031 kB
Transfer

4161 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nab.ch/ HTTP 301
    https://nab.ch/ HTTP 301
    https://www.nab.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=14CE34B8527836E60A490D44%40AdobeOrg&d_nsid=0&ts=1580737010819 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=14CE34B8527836E60A490D44%40AdobeOrg&d_nsid=0&ts=1580737010819
Request Chain 56
  • https://cm.everesttech.net/cm/dd?d_uuid=55914940643672266600057126603088802477 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xjgh8wAAAd95ZxTJ

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.nab.ch/
Redirect Chain
  • http://nab.ch/
  • https://nab.ch/
  • https://www.nab.ch/
76 KB
16 KB
Document
General
Full URL
https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
59e4a49f68c5a76e9f72feebb9662cf8a9fbde11d34df757ef64d95339f4279f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.nab.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Server
Apache
Vary
Host,Accept-Encoding
Content-Language
de
Cache-Control
max-age=0
Expires
Mon, 03 Feb 2020 13:36:50 GMT
Strict-Transport-Security
max-age=10886400; includeSubDomains
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
X-UA-Compatible
IE=edge
Content-Type
text/html; charset=utf-8
Set-Cookie
fe_typo_user=a4cdb0e8e1a7d2091f6d3509ef47b104; path=/; secure; HttpOnly
Content-Encoding
gzip
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Date
Mon, 03 Feb 2020 13:36:49 GMT
Server
Apache
Location
https://www.nab.ch/
Cache-Control
max-age=0
Expires
Mon, 03 Feb 2020 13:36:49 GMT
Content-Type
text/html; charset=iso-8859-1
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
facfd6abde-8c39e93f00694d0dc9464e77630301f1.css
www.nab.ch/typo3temp/compressor/
139 B
2 KB
Stylesheet
General
Full URL
https://www.nab.ch/typo3temp/compressor/facfd6abde-8c39e93f00694d0dc9464e77630301f1.css
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
2bc182f3f4fb5a2d569c7a957c76ac545b770d3a0b63ca089050c54d31e0608e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 09:31:05 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Expires
Tue, 02 Feb 2021 13:36:50 GMT
merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
www.nab.ch/typo3temp/compressor/
699 KB
91 KB
Stylesheet
General
Full URL
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
8bc809de307be37ff0132fadf83c493771869fc41da3b81b9bde2ebfda87a9ad
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 09:40:12 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Tue, 02 Feb 2021 13:36:50 GMT
merged-0ceb6199ae1507b5dafeefc712d89047-0d57a7e585567b834afeab0bf09c2ae1.js
www.nab.ch/typo3temp/compressor/
213 KB
74 KB
Script
General
Full URL
https://www.nab.ch/typo3temp/compressor/merged-0ceb6199ae1507b5dafeefc712d89047-0d57a7e585567b834afeab0bf09c2ae1.js
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
6dd4dd209ce29924ced34a4f199768e481c23dadb17c458a6cc13b44cc2c99a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 09:30:55 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Tue, 02 Feb 2021 13:36:50 GMT
jquery-3.3.1.min.js
www.nab.ch/typo3conf/ext/emboss_jquery/Resources/Public/JavaScript/
85 KB
32 KB
Script
General
Full URL
https://www.nab.ch/typo3conf/ext/emboss_jquery/Resources/Public/JavaScript/jquery-3.3.1.min.js
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:01 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Tue, 02 Feb 2021 13:36:50 GMT
merged-f2097928d671e419492a1311d495031b-342a8e93fdbe1a59b8b21d5de48df7c3.js
www.nab.ch/typo3temp/compressor/
418 KB
102 KB
Script
General
Full URL
https://www.nab.ch/typo3temp/compressor/merged-f2097928d671e419492a1311d495031b-342a8e93fdbe1a59b8b21d5de48df7c3.js
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
e1038c7c6f58e1301b4f513404ce7b7f91a8ac58586be4b53bf3f05af47d8143
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 09:30:55 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Tue, 02 Feb 2021 13:36:50 GMT
zip.js
www.nab.ch/typo3conf/ext/zip/Resources/Public/Js/
5 KB
3 KB
Script
General
Full URL
https://www.nab.ch/typo3conf/ext/zip/Resources/Public/Js/zip.js
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
2780d2048eb5579c370518a6f71552fb4b6a1062797c9acd90940021b45bce45
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:04 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Expires
Tue, 02 Feb 2021 13:36:50 GMT
satelliteLib-82a2a877ef9ebe83f3db205a0146dbdbe7767a93.js
assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/
129 KB
40 KB
Script
General
Full URL
https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/satelliteLib-82a2a877ef9ebe83f3db205a0146dbdbe7767a93.js
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-45.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
691a52caa18e58b1f10e53eb723b4a3b01fb0a7b2679c0e5f99637afcf33cced

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 13:36:50 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 12:06:48 GMT
server
AkamaiNetStorage
etag
"281f23eff25b5dbe28efb5f4e51e11df:1580386008.142753"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
40280
expires
Mon, 03 Feb 2020 14:36:50 GMT
jquery.cookie.js
www.nab.ch/typo3conf/ext/powermail_cookie/res/
3 KB
3 KB
Script
General
Full URL
https://www.nab.ch/typo3conf/ext/powermail_cookie/res/jquery.cookie.js
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:03 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Tue, 02 Feb 2021 13:36:50 GMT
powermailCookie.js
www.nab.ch/typo3conf/ext/powermail_cookie/res/
6 KB
3 KB
Script
General
Full URL
https://www.nab.ch/typo3conf/ext/powermail_cookie/res/powermailCookie.js
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
d69842c05fd802a5eaf3911b655b9d6cea94086dd8b4802f0d40338a91661f59
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:03 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Tue, 02 Feb 2021 13:36:50 GMT
livechat.js
chat.nab.ch/livechat/js/
0
0
Script
General
Full URL
https://chat.nab.ch/livechat/js/livechat.js
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.73.238.66 , Switzerland, ASN6730 (SUNRISE, CH),
Reverse DNS
nab-livechat.elca-services.com
Software
/
Resource Hash

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://chat.nab.ch
nab-logo_redesign.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
10 KB
5 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/nab-logo_redesign.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
27c86c745ca1685261ebb0daeeb3c2cc3dcb54eb0b3dddc5613728519d4fa3a7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Expires
Wed, 04 Mar 2020 13:36:50 GMT
Achthunderter.svg
www.nab.ch/fileadmin/user_upload/Public/Kampagnen/We_Love_Aargau/
3 KB
3 KB
Image
General
Full URL
https://www.nab.ch/fileadmin/user_upload/Public/Kampagnen/We_Love_Aargau/Achthunderter.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
ba97154f3ffaec09c362e1ce9623ce4eb342dd3590e8b5a2abfe822b52428604
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 12:36:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Expires
Wed, 04 Mar 2020 13:36:50 GMT
merged-209b916272c264e9a8e521e4f0e0e289-a3a3be15d5741a6d7ca17fa7b2983d58.css
www.nab.ch/typo3temp/compressor/
722 B
2 KB
Stylesheet
General
Full URL
https://www.nab.ch/typo3temp/compressor/merged-209b916272c264e9a8e521e4f0e0e289-a3a3be15d5741a6d7ca17fa7b2983d58.css
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
9d43976d4ac251d3808e2eabc1fb7fd4c2b29ae9c0b83ca71f5978a8f865a2d2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 09:30:55 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Expires
Tue, 02 Feb 2021 13:36:51 GMT
hypo_kisten_450x253.jpg
www.nab.ch/fileadmin/user_upload/Public/Layout/Highlights/16_9/
21 KB
23 KB
Image
General
Full URL
https://www.nab.ch/fileadmin/user_upload/Public/Layout/Highlights/16_9/hypo_kisten_450x253.jpg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
86bea5e225feca65f9c9631f5da84d8b11960bf1d6b969c8060c14cf909b68a3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 09:43:42 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Expires
Wed, 04 Mar 2020 13:36:50 GMT
csm_flashmob_2_0a3c329a1c.jpg
www.nab.ch/fileadmin/_processed_/2/6/
139 KB
141 KB
Image
General
Full URL
https://www.nab.ch/fileadmin/_processed_/2/6/csm_flashmob_2_0a3c329a1c.jpg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
8942b2e1554bb0dad0c7b397f2b6c9f3bd13831bc1f78000174111a8cc3523d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 18 Nov 2019 14:28:16 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Wed, 04 Mar 2020 13:36:50 GMT
NAB_OnlBank2018_450x253.jpg
www.nab.ch/fileadmin/user_upload/Public/Layout/Highlights/16_9/
16 KB
17 KB
Image
General
Full URL
https://www.nab.ch/fileadmin/user_upload/Public/Layout/Highlights/16_9/NAB_OnlBank2018_450x253.jpg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
14d62d4368cc31dbf7f014f03dafd4cf8a089b4a85e72008b169c2041836cf00
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 09:43:42 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Expires
Wed, 04 Mar 2020 13:36:50 GMT
regionalstudie_2019_500x281.jpg
www.nab.ch/fileadmin/user_upload/Public/Layout/Highlights/
26 KB
27 KB
Image
General
Full URL
https://www.nab.ch/fileadmin/user_upload/Public/Layout/Highlights/regionalstudie_2019_500x281.jpg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
6eb66624a6c048e8245a8d993e7a142fc6063867fe9093094e2b680661380bfb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 09:43:42 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Expires
Wed, 04 Mar 2020 13:36:50 GMT
Multibanking_OB_500x281.jpg
www.nab.ch/fileadmin/user_upload/Public/Layout/Highlights/16_9/
121 KB
110 KB
Image
General
Full URL
https://www.nab.ch/fileadmin/user_upload/Public/Layout/Highlights/16_9/Multibanking_OB_500x281.jpg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
a09860b039b6e58e15918e0b5e8d69cdb1b7195f8e16452f37011e6ee50238dd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 09:43:42 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Expires
Wed, 04 Mar 2020 13:36:51 GMT
kmu_schreinerei_450x253.jpg
www.nab.ch/fileadmin/user_upload/Public/Layout/Highlights/16_9/
29 KB
30 KB
Image
General
Full URL
https://www.nab.ch/fileadmin/user_upload/Public/Layout/Highlights/16_9/kmu_schreinerei_450x253.jpg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
b860a2d144ad99838de065fab7d3c5d28a17e87f4b8b446b4fce0f566c63e09a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 09:43:42 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=93
Expires
Wed, 04 Mar 2020 13:36:51 GMT
merged-d4e11e5e8b1877638d804e7847126a61-9d476b5499dd10621cf501a641cb027d.js
www.nab.ch/typo3temp/compressor/
140 KB
40 KB
Script
General
Full URL
https://www.nab.ch/typo3temp/compressor/merged-d4e11e5e8b1877638d804e7847126a61-9d476b5499dd10621cf501a641cb027d.js
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
ccdb3a4acb9cfd6847118d5429efa0ac0c6d8f07d42409df56cf07effdca4a9c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 09:30:55 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Expires
Tue, 02 Feb 2021 13:36:51 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=14CE34B8527836E60A490D44%40AdobeOrg&d_nsid=0&ts=1580737010819
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=14CE34B8527836E60A490D44%40AdobeOrg&d_nsid=0&ts=1580737010819
0
-1 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=14CE34B8527836E60A490D44%40AdobeOrg&d_nsid=0&ts=1580737010819
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.192.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-192-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=14CE34B8527836E60A490D44%40AdobeOrg&d_nsid=0&ts=1580737010819
X-TID
hOhpWLi/S3g=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.nab.ch
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.nab.ch
X-TID
hOhpWLi/S3g=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=14CE34B8527836E60A490D44%40AdobeOrg&d_nsid=0&ts=1580737010819
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
YicZ/IIydN6K8nck+aaciOkE1qyvD4LxcqzSiOKgcBRwUCcqGyx+k8OgW4su5YplPGjGqYzmcKm05QXZ/ocZ8g==
x-fb-trip-id
1850256238
date
Mon, 03 Feb 2020 13:36:50 GMT, Mon, 03 Feb 2020 13:36:50 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
satellite-594bbed064746d0ba50010fe.js
assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/scripts/
116 KB
36 KB
Script
General
Full URL
https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/scripts/satellite-594bbed064746d0ba50010fe.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/satelliteLib-82a2a877ef9ebe83f3db205a0146dbdbe7767a93.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-45.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c4f5076627204f5b974c1eec55c27b1e35af1d832b6f36dd942e30f51c1dbabb

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 03 Feb 2020 13:36:50 GMT
content-encoding
gzip
last-modified
Tue, 03 Sep 2019 13:16:57 GMT
server
AkamaiNetStorage
etag
"378a185d09b224da84224ca7e1aece56:1567516617.213853"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
36690
expires
Mon, 03 Feb 2020 14:36:50 GMT
s-code-contents-e01e48bfaf0fda37d89a467d83386c84bad98023.js
assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/
136 KB
44 KB
Script
General
Full URL
https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/s-code-contents-e01e48bfaf0fda37d89a467d83386c84bad98023.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/satelliteLib-82a2a877ef9ebe83f3db205a0146dbdbe7767a93.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-45.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0863a05506f867bf6c285ab2e53bf3754006356a918b8423b907458240d6e20b

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 13:36:50 GMT
content-encoding
gzip
last-modified
Tue, 03 Sep 2019 13:16:56 GMT
server
AkamaiNetStorage
etag
"0155e5827667bf83b49685563ac1cae2:1567516616.910014"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Feb 2020 14:36:50 GMT
livechat.js
chat.nab.ch/livechat/js/
0
0
Script
General
Full URL
https://chat.nab.ch/livechat/js/livechat.js
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.73.238.66 , Switzerland, ASN6730 (SUNRISE, CH),
Reverse DNS
nab-livechat.elca-services.com
Software
/
Resource Hash

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://chat.nab.ch
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/gif
navIcon_search.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
2 KB
3 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/navIcon_search.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
d9da51797874217c03b4967f6a58c563aa9ee95e77df310019941d25d7dada66
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Wed, 04 Mar 2020 13:36:51 GMT
navIcon_markets.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
832 B
2 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/navIcon_markets.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
41b175df6d05d7e3bf40df5416eebee0e7210ba9ba10f4c1949295ea168db5b7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Expires
Wed, 04 Mar 2020 13:36:51 GMT
icon_person.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
1 KB
2 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/icon_person.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
33797793c17fd2692bec3322fb622e7758a10ffdf3f8dcd4dccc5047bf3ea96d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Wed, 04 Mar 2020 13:36:51 GMT
icons.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
116 KB
38 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/icons.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
f775ae826c650fd386d75dfddc63c8b230dcdadc979d8d41ee7560f2801cd9a3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Expires
Wed, 04 Mar 2020 13:36:51 GMT
Brass_Fonts-SoloSans-Regular.woff2
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Fonts/
11 KB
13 KB
Font
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Fonts/Brass_Fonts-SoloSans-Regular.woff2
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
613325640e8356fec91a2e62b433d54322bd8d6b0d9f0794a4c271229957158a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
Origin
https://www.nab.ch

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Expires
Wed, 04 Mar 2020 13:36:50 GMT
1171879556280022
connect.facebook.net/signals/config/
100 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1171879556280022?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b5e5e410a06d99a53622b4efc64fba4723dec62640a03cbee765de78d3c1a9f4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
25012
x-xss-protection
0
pragma
public
x-fb-debug
0XDnNprs7mebuRB4yRjQQix/P+Y5iO5iF6kkCJGsbQwB6Aoqiy85gRZUyggMSXeXSmOiAf5/EB+Cep44Q7HCOg==
x-fb-trip-id
1850256238
date
Mon, 03 Feb 2020 13:36:50 GMT, Mon, 03 Feb 2020 13:36:50 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/
25 KB
10 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/satelliteLib-82a2a877ef9ebe83f3db205a0146dbdbe7767a93.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
cff3976cac7138e8f00fcc062246391c24320fbbb27de20e73f444dfb0175dea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 03 Feb 2020 13:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9861
x-xss-protection
0
server
cafe
etag
760867605304960766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 03 Feb 2020 13:36:50 GMT
satellite-5a676f0264746d1b14004998.js
assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/scripts/
28 KB
8 KB
Script
General
Full URL
https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/scripts/satellite-5a676f0264746d1b14004998.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/satelliteLib-82a2a877ef9ebe83f3db205a0146dbdbe7767a93.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-45.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d0ff3f6e45780da3f21e6010a18552d5ffe78e06c1b3c1efe0608f53eb76c43e

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 13:36:50 GMT
content-encoding
gzip
last-modified
Tue, 03 Sep 2019 13:16:59 GMT
server
AkamaiNetStorage
etag
"5d078a052a805faa4e57d04f0508c303:1567516619.145291"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
8092
expires
Mon, 03 Feb 2020 14:36:50 GMT
satellite-5a67703064746d53a2001173.js
assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/scripts/
15 KB
5 KB
Script
General
Full URL
https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/scripts/satellite-5a67703064746d53a2001173.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/satelliteLib-82a2a877ef9ebe83f3db205a0146dbdbe7767a93.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-45.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4059e653851e77885e3095bd640623d84a5dd557cea3be02715a3c95e84ea458

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 13:36:50 GMT
content-encoding
gzip
last-modified
Tue, 03 Sep 2019 13:16:58 GMT
server
AkamaiNetStorage
etag
"7610b4029887522c22ce7705701cd8ac:1567516618.943377"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
4775
expires
Mon, 03 Feb 2020 14:36:50 GMT
formIcon_person.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
1 KB
2 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/formIcon_person.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
084e61139c3c56279b6ecaacd72b3f60f15782eabf134bd9daa61e65410d8766
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Expires
Wed, 04 Mar 2020 13:36:51 GMT
formIcon_phone.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
1 KB
3 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/formIcon_phone.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
edeea0c9d9298eec9c3323c64b368f933819d1214e84cdc8b53aeecd8af3f752
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Expires
Wed, 04 Mar 2020 13:36:51 GMT
formIcon_mail.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
1 KB
3 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/formIcon_mail.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
910ef37990d9c97300c11a02dc7f6ee04a092a06493bf520a2eb367a0231ef5b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Expires
Wed, 04 Mar 2020 13:36:51 GMT
list_bullet.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
3 KB
2 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/list_bullet.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
e62e647951bb53b6b0be3cd3ef06ee900b3e2aada68d8380f966d635cebccc74
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=94
Expires
Wed, 04 Mar 2020 13:36:51 GMT
infoIcon.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
474 B
2 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/infoIcon.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
e04025125b90d8631836ccb7a83de072df48b1e92f720a58ee290664268740a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Expires
Wed, 04 Mar 2020 13:36:51 GMT
Brass_Fonts-SoloSans-Bold.woff2
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Fonts/
12 KB
14 KB
Font
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Fonts/Brass_Fonts-SoloSans-Bold.woff2
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
32ad79dd66ee81ab505b61e9ec2d8b559954682f15cf0a8e610a332f72794e62
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
Origin
https://www.nab.ch

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Wed, 04 Mar 2020 13:36:50 GMT
fa-brands-400.woff2
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Fonts/
53 KB
55 KB
Font
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Fonts/fa-brands-400.woff2
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
155963e3fb06f13011705c65bc52ed31f9989b87309c945948a76b35f8e7da67
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
Origin
https://www.nab.ch

Response headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Wed, 04 Mar 2020 13:36:50 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/928101074/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/928101074/?random=1580737010947&cv=9&fst=1580737010947&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.nab.ch%2F&tiba=Die%20Bank%20%E2%80%93%20verankert%20im%20Aargau%20%7C%20NEUE%20AARGAUER%20BANK%20AG&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
637ff83d54a15175b23d5e5a6f894bff2a109a104f38b808c53999f673ea0198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Feb 2020 13:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1017
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe_api
www.youtube.com/
859 B
931 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/satelliteLib-82a2a877ef9ebe83f3db205a0146dbdbe7767a93.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
ed542d004a63dd31f7d6ce2b515deda2ba6f3eab710146ddd3e79499f30d47c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 13:36:50 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
/
www.facebook.com/tr/
44 B
264 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1171879556280022&ev=PageView&dl=https%3A%2F%2Fwww.nab.ch%2F&rl=&if=false&ts=1580737010959&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=28&fbp=fb.1.1580737010959.1059623313&it=1580737010905&coo=false&rqm=GET
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 13:36:50 GMT, Mon, 03 Feb 2020 13:36:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 03 Feb 2020 13:36:50 GMT
csm_731_NAB_Inserat_Bilanz_Rating_Siegel_500x200px_RZ_900dpi_1cf4e953da.png
www.nab.ch/fileadmin/_processed_/6/4/
36 KB
38 KB
Image
General
Full URL
https://www.nab.ch/fileadmin/_processed_/6/4/csm_731_NAB_Inserat_Bilanz_Rating_Siegel_500x200px_RZ_900dpi_1cf4e953da.png
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
0817dd4363f1cfd6bd8c3f85b05e2b7c3062de574fef7e2c77a42e9a5003bb79
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 29 Apr 2019 08:36:07 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Expires
Wed, 04 Mar 2020 13:36:51 GMT
Achthunderter_Bild_1960x750.svg
www.nab.ch/fileadmin/user_upload/Public/Kampagnen/We_Love_Aargau/
1 MB
894 KB
Image
General
Full URL
https://www.nab.ch/fileadmin/user_upload/Public/Kampagnen/We_Love_Aargau/Achthunderter_Bild_1960x750.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
d98e4c11c817a0da755f48ec0fc97c9fec90db58ede1882ec1b15025c1854f0b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Feb 2020 12:36:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=92
Expires
Wed, 04 Mar 2020 13:36:51 GMT
mainnav_arrow_up.png
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
1 KB
3 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/mainnav_arrow_up.png
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/typo3conf/ext/emboss_jquery/Resources/Public/JavaScript/jquery-3.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
0e4f7e9728eb5d97ad3d2150e0f888e83fc1e15569930a354c1676265d6cc5fa
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Expires
Wed, 04 Mar 2020 13:36:51 GMT
mainnav_arrow_right.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
899 B
2 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/mainnav_arrow_right.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/typo3conf/ext/emboss_jquery/Resources/Public/JavaScript/jquery-3.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
7bab5a2df420b22589f0495ee9e2704b4556ddf840e58ea6a5b8825c614ed206
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Expires
Wed, 04 Mar 2020 13:36:51 GMT
rd
dpm.demdex.net/id/
371 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=14CE34B8527836E60A490D44%40AdobeOrg&d_nsid=0&ts=1580737010819
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.192.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-192-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8f243858eed86bf5f471c44de144011d46aa0da7d29f3fce4076243d38d2a1a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nab.ch/
Origin
https://www.nab.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v058-05bf27cac.edge-irl1.demdex.com 5.64.4.20200120100612 7ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
Nyt3jl7hSAM=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.nab.ch
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
304
Expires
Thu, 01 Jan 1970 00:00:00 GMT
select_arrow_new.svg
www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/
965 B
2 KB
Image
General
Full URL
https://www.nab.ch/typo3conf/ext/nabch_template/Resources/Public/Images/select_arrow_new.svg
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
04dd8dc8800897d20e130413f2c3eb426a247646c63323420171a5a31cec0a4d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/typo3temp/compressor/merged-de25fd8193d8058e775b9b46d255d182-df95775104ab6f133f70daba23a1d8b0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Dec 2019 08:01:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Expires
Wed, 04 Mar 2020 13:36:51 GMT
/
www.google.com/pagead/1p-user-list/928101074/
42 B
110 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/928101074/?random=1580737010947&cv=9&fst=1580734800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.nab.ch%2F&tiba=Die%20Bank%20%E2%80%93%20verankert%20im%20Aargau%20%7C%20NEUE%20AARGAUER%20BANK%20AG&fmt=3&is_vtc=1&random=2943323522&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Feb 2020 13:36:51 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/928101074/
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/928101074/?random=1580737010947&cv=9&fst=1580734800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.nab.ch%2F&tiba=Die%20Bank%20%E2%80%93%20verankert%20im%20Aargau%20%7C%20NEUE%20AARGAUER%20BANK%20AG&fmt=3&is_vtc=1&random=2943323522&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Feb 2020 13:36:51 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflWjyjuR/
27 KB
10 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflWjyjuR/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54ce632ea97b69d28939294f13c82bf6c056458d55e5567d9d765e8185579aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 12:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3079
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10233
x-xss-protection
0
last-modified
Sat, 01 Feb 2020 02:25:43 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Tue, 11 Feb 2020 12:45:32 GMT
Cookie set dest5.html
creditsuisse.demdex.net/ Frame B232
0
0
Document
General
Full URL
https://creditsuisse.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/satelliteLib-82a2a877ef9ebe83f3db205a0146dbdbe7767a93.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.220.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-220-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
creditsuisse.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.nab.ch/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=55914940643672266600057126603088802477
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.nab.ch/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Tue, 21 Jan 2020 09:01:11 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=55914940643672266600057126603088802477;Path=/;Domain=.demdex.net;Expires=Sat, 01-Aug-2020 13:36:51 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
VzyM3KOzTeQ=
Content-Length
2764
Connection
keep-alive
id
sdc2.credit-suisse.com/
49 B
473 B
XHR
General
Full URL
https://sdc2.credit-suisse.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=14CE34B8527836E60A490D44%40AdobeOrg&mid=46846446854237029750887558682699402806&ts=1580737011125
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/satelliteLib-82a2a877ef9ebe83f3db205a0146dbdbe7767a93.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.31.119 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-31-119.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
c13c01ab76ae0300b3eccb233d04c02578ee11bf643a30a8b53e80e091ae8ca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
Origin
https://www.nab.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Mon, 03 Feb 2020 13:36:50 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-778c94b494-8pw7s
vary
Origin
x-c
master-1105.I62e04a.M0-322
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.nab.ch
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript
content-length
49
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Xjgh8wAAAd95ZxTJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=55914940643672266600057126603088802477
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xjgh8wAAAd95ZxTJ
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xjgh8wAAAd95ZxTJ
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.192.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-192-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v058-0e653ded4.edge-irl1.demdex.com 5.64.4.20200120100612 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
esYmJw7QSlc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 03 Feb 2020 13:36:50 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xjgh8wAAAd95ZxTJ
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
json
creditsuisse.tt.omtrdc.net/m2/creditsuisse/mbox/
96 B
657 B
XHR
General
Full URL
https://creditsuisse.tt.omtrdc.net/m2/creditsuisse/mbox/json?mbox=target-global-mbox&mboxSession=e78370da941948e18c6d351d1bf72eba&mboxPC=&mboxPage=fc3a4f13af1a4ad885b5605980b49642&mboxVersion=0.9.6&mboxCount=1&mboxTime=1580740611242&mboxHost=www.nab.ch&mboxURL=https%3A%2F%2Fwww.nab.ch%2F&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1585&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&mboxMCGVID=46846446854237029750887558682699402806&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCAVID=&mboxMCGLH=6&vst.trk=sdc2.credit-suisse.com&vst.trks=sdc2.credit-suisse.com&mboxMCSDID=6B97897EC120E558-153B4FB998361259
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/scripts/satellite-594bbed064746d0ba50010fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.117.29.4 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
/
Resource Hash
aaeeea00ec1443bcb72cbfa6155cccd0dfc6a145e26b2ffab0b72b4cd9280a86

Request headers

Accept
application/json
Referer
https://www.nab.ch/
Origin
https://www.nab.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Feb 2020 13:36:50 GMT
content-type
application/json;charset=UTF-8
status
200
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI DSP CURa OUR STP COM"
access-control-allow-origin
https://www.nab.ch
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
content-length
96
x-request-id
17d1e0a9-a305-4a7f-9d3f-aa031cd6df80
s49361586010889
sdc2.credit-suisse.com/b/ss/csnab-live/10/JS-2.6.0-D7QN/
146 B
420 B
Script
General
Full URL
https://sdc2.credit-suisse.com/b/ss/csnab-live/10/JS-2.6.0-D7QN/s49361586010889?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=3%2F1%2F2020%2014%3A36%3A51%201%20-60&d.&nsid=0&jsonv=1&.d&sdid=6B97897EC120E558-153B4FB998361259&D=D%3D&mid=46846446854237029750887558682699402806&aamlh=6&ce=UTF-8&pageName=home%20-%20nab.ch&g=https%3A%2F%2Fwww.nab.ch%2F&cc=CHF&ch=home%20-%20nab.ch&events=event1%2Cevent2&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=D%3Dh1&h1=home%20-%20nab.ch&c3=n_a&v3=n_a&c4=n_a&v4=n_a&c5=D%3Dv5&v5=csnab-live&c8=D%3Dv8&c9=D%3Dv9&v9=www.nab.ch&c10=D%3Dg&c11=D%3Dv11&v11=noref&c12=D%3Dv12&v12=home%20-%20nab.ch&c21=D%3Dv21&v21=v%3A5.0%2FDTM%3Atrue&c29=D%3Dv29&v29=home%20-%20nab.ch&c33=D%3Dg&v33=D%3Dg&c34=D%3Dv34&v34=undefined%3Ahome%20-%20nab.ch&c39=D%3Dv39&v39=undefined%3Aundefined&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=14CE34B8527836E60A490D44%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bfdc45f31b08a63886c9e4784bb2aaa9a04530d5/s-code-contents-e01e48bfaf0fda37d89a467d83386c84bad98023.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.31.119 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-31-119.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
7f97961aefb1db84d6feb3a2e4ea5354298a053d1d1e10543b20ebb2e334d463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nab.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-aam-tid
X1wYNFZgS0k=
date
Mon, 03 Feb 2020 13:36:50 GMT
x-content-type-options
nosniff
x-c
master-1105.I62e04a.M0-322
p3p
CP="This is not a P3P policy"
status
200
content-length
146
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-v058-0216bd9ff.edge-irl1.demdex.com 5.64.4.20200120100612 6ms (+0ms)
pragma
no-cache
last-modified
Tue, 04 Feb 2020 13:36:51 GMT
server
jag
xserver
anedge-778c94b494-5td7n
etag
3394606882996191232-4614578323537453422
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 02 Feb 2020 13:36:51 GMT
index.php
www.nab.ch//
1 B
2 KB
XHR
General
Full URL
https://www.nab.ch//index.php?&eID=powermailEidMarketing&tx_powermail_pi1[language]=0&id=3&tx_powermail_pi1[pid]=3&tx_powermail_pi1[mobileDevice]=0&tx_powermail_pi1[referer]=&_=1580737010812
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/typo3conf/ext/emboss_jquery/Resources/Public/JavaScript/jquery-3.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.65 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nab.ch
Software
Apache /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.nab.ch/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
X-Content-Type-Options
nosniff
Expires
Mon, 03 Feb 2020 13:36:51 GMT
Server
Apache
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
text/html; charset=UTF-8
X-Permitted-Cross-Domain-Policies
master-only
Cache-Control
max-age=0
Content-Security-Policy
default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Connection
Keep-Alive
Vary
Host
Content-Length
1
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=15, max=95
X-UA-Compatible
IE=edge
/
www.nabhome.ch/
29 KB
11 KB
XHR
General
Full URL
https://www.nabhome.ch/?eID=rayon
Requested by
Host: www.nab.ch
URL: https://www.nab.ch/typo3conf/ext/emboss_jquery/Resources/Public/JavaScript/jquery-3.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.72.166.68 , Switzerland, ASN42491 (ARPAGE, CH),
Reverse DNS
www.nabhome.ch
Software
Apache /
Resource Hash
4e30de9c659a2f2f33ce752a3696fbd08341e29a038b7bb85394953e259a459b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: www.nab.ch sdc2.credit-suisse.com *.omtrdc.net *.demdex.net *.everesttech.net *.googleapis.com www.google.ch www.google.com www.google.de *.gstatic.com *.nabhome.ch *.immoscout24.ch isct-ssl.wemfbox.ch *.ggpht.com *.360-grad-rundgang.ch 360-grad-rundgang.ch *.360-rundgang.ch 360-rundgang.ch *.360home.ch 360home.ch *.360magictour.com 360magictour.com *.3dprojekt.ch 3dprojekt.ch *.3dvista.com 3dvista.com *.6emevue.com 6emevue.com *.aida-immobilien.ch aida-immobilien.ch *.amkrebsenweg.ch amkrebsenweg.ch *.archilogic.com archilogic.com *.businessimages.ch businessimages.ch *.casatour.ch casatour.ch *.caser.ch caser.ch *.citybau.ch citybau.ch *.cupix.com cupix.com *.dvdarch.ch dvdarch.ch *.dwp3d.com dwp3d.com *.era-immobilien-kuhlmann.ch era-immobilien-kuhlmann.ch *.fortimo.ch fortimo.ch *.foto-mimmo.ch foto-mimmo.ch *.foto-web.ch foto-web.ch *.gawson.com gawson.com *.giessenpark-rent.ch giessenpark-rent.ch *.goldinger.ch goldinger.ch *.grundriss.com grundriss.com *.holobuilder.com holobuilder.com *.housetube.ch housetube.ch *.immobilien360.ch immobilien360.ch *.immobilienscout24.de immobilienscout24.de *.immoleague.ch immoleague.ch *.immopro360.ch immopro360.ch *.immovisual.ch immovisual.ch *.in360.ch in360.ch *.jolimmo.ch jolimmo.ch *.lesregisseurs.ch lesregisseurs.ch *.matterport.com matterport.com *.meero.com meero.com *.net-fs.com net-fs.com *.newhome.ch newhome.ch *.nodalview.com nodalview.com *.novimmob.ch novimmob.ch *.ogulo.de ogulo.de *.ogulo.com ogulo.com *.optasia.ch optasia.ch *.panocom.ch panocom.ch *.panono.com panono.com *.panotour.ch panotour.ch *.pixroom.ch pixroom.ch *.previsite.com previsite.com *.realforce.ch realforce.ch *.remax-olten.ch remax-olten.ch *.reveag.ch reveag.ch *.ritterimmobilien.ch ritterimmobilien.ch *.rolliweg.ch rolliweg.ch *.roman-burri.ch roman-burri.ch *.roomtour.ch roomtour.ch *.roundme.com roundme.com *.salzmannmedia.ch salzmannmedia.ch *.spectando.com spectando.com *.swissinteractive.ch swissinteractive.ch *.swissnetzwerk.ch swissnetzwerk.ch *.theasys.io theasys.io *.tourmake.it tourmake.it *.view3.com view3.com *.virtual-360.ch virtual-360.ch *.virtual-view.ch virtual-view.ch *.visualpro.ch visualpro.ch *.werdenberg360grad.ch werdenberg360grad.ch *.wohnenschaeferei.ch wohnenschaeferei.ch *.yetivisite.ch yetivisite.ch www.facebook.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch assets.adobedtm.com sdc2.credit-suisse.com www.credit-suisse.com *.googleapis.com www.googleadservices.com www.google.com www.google.ch cdn.tt.omtrdc.net connect.facebook.net; object-src 'self'; child-src 'self' data: *.nabhome.ch www.google.ch www.google.com *.demdex.net www.youtube.com cdnapisec.kaltura.com creditsuisse.experiencecloud.adobe.com *.360-grad-rundgang.ch 360-grad-rundgang.ch *.360-rundgang.ch 360-rundgang.ch *.360home.ch 360home.ch *.360magictour.com 360magictour.com *.3dprojekt.ch 3dprojekt.ch *.3dvista.com 3dvista.com *.6emevue.com 6emevue.com *.aida-immobilien.ch aida-immobilien.ch *.amkrebsenweg.ch amkrebsenweg.ch *.archilogic.com archilogic.com *.businessimages.ch businessimages.ch *.casatour.ch casatour.ch *.caser.ch caser.ch *.citybau.ch citybau.ch *.cupix.com cupix.com *.dvdarch.ch dvdarch.ch *.dwp3d.com dwp3d.com *.era-immobilien-kuhlmann.ch era-immobilien-kuhlmann.ch *.fortimo.ch fortimo.ch *.foto-mimmo.ch foto-mimmo.ch *.foto-web.ch foto-web.ch *.gawson.com gawson.com *.giessenpark-rent.ch giessenpark-rent.ch *.goldinger.ch goldinger.ch *.grundriss.com grundriss.com *.holobuilder.com holobuilder.com *.housetube.ch housetube.ch *.immobilien360.ch immobilien360.ch *.immobilienscout24.de immobilienscout24.de *.immoleague.ch immoleague.ch *.immopro360.ch immopro360.ch *.immovisual.ch immovisual.ch *.in360.ch in360.ch *.jolimmo.ch jolimmo.ch *.lesregisseurs.ch lesregisseurs.ch *.matterport.com matterport.com *.meero.com meero.com *.net-fs.com net-fs.com *.newhome.ch newhome.ch *.nodalview.com nodalview.com *.novimmob.ch novimmob.ch *.ogulo.de ogulo.de *.ogulo.com ogulo.com *.optasia.ch optasia.ch *.panocom.ch panocom.ch *.panono.com panono.com *.panotour.ch panotour.ch *.pixroom.ch pixroom.ch *.previsite.com previsite.com *.realforce.ch realforce.ch *.remax-olten.ch remax-olten.ch *.reveag.ch reveag.ch *.ritterimmobilien.ch ritterimmobilien.ch *.rolliweg.ch rolliweg.ch *.roman-burri.ch roman-burri.ch *.roomtour.ch roomtour.ch *.roundme.com roundme.com *.salzmannmedia.ch salzmannmedia.ch *.spectando.com spectando.com *.swissinteractive.ch swissinteractive.ch *.swissnetzwerk.ch swissnetzwerk.ch *.theasys.io theasys.io *.tourmake.it tourmake.it *.view3.com view3.com *.virtual-360.ch virtual-360.ch *.virtual-view.ch virtual-view.ch *.visualpro.ch visualpro.ch *.werdenberg360grad.ch werdenberg360grad.ch *.wohnenschaeferei.ch wohnenschaeferei.ch *.yetivisite.ch yetivisite.ch; style-src 'self' 'unsafe-inline' fast.fonts.net *.googleapis.com cdn.tt.omtrdc.net; frame-ancestors 'self' *.nabhome.ch creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.nab.ch/
Origin
https://www.nab.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 13:36:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Transfer-Encoding
chunked
Connection
Keep-Alive
Vary
Host,Accept-Encoding
X-XSS-Protection
1; mode=block
Access-Control-Allow-Headers
X-Requested-With
Server
Apache
Strict-Transport-Security
max-age=10886400; includeSubDomains
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Content-Security-Policy
default-src 'self' data: www.nab.ch sdc2.credit-suisse.com *.omtrdc.net *.demdex.net *.everesttech.net *.googleapis.com www.google.ch www.google.com www.google.de *.gstatic.com *.nabhome.ch *.immoscout24.ch isct-ssl.wemfbox.ch *.ggpht.com *.360-grad-rundgang.ch 360-grad-rundgang.ch *.360-rundgang.ch 360-rundgang.ch *.360home.ch 360home.ch *.360magictour.com 360magictour.com *.3dprojekt.ch 3dprojekt.ch *.3dvista.com 3dvista.com *.6emevue.com 6emevue.com *.aida-immobilien.ch aida-immobilien.ch *.amkrebsenweg.ch amkrebsenweg.ch *.archilogic.com archilogic.com *.businessimages.ch businessimages.ch *.casatour.ch casatour.ch *.caser.ch caser.ch *.citybau.ch citybau.ch *.cupix.com cupix.com *.dvdarch.ch dvdarch.ch *.dwp3d.com dwp3d.com *.era-immobilien-kuhlmann.ch era-immobilien-kuhlmann.ch *.fortimo.ch fortimo.ch *.foto-mimmo.ch foto-mimmo.ch *.foto-web.ch foto-web.ch *.gawson.com gawson.com *.giessenpark-rent.ch giessenpark-rent.ch *.goldinger.ch goldinger.ch *.grundriss.com grundriss.com *.holobuilder.com holobuilder.com *.housetube.ch housetube.ch *.immobilien360.ch immobilien360.ch *.immobilienscout24.de immobilienscout24.de *.immoleague.ch immoleague.ch *.immopro360.ch immopro360.ch *.immovisual.ch immovisual.ch *.in360.ch in360.ch *.jolimmo.ch jolimmo.ch *.lesregisseurs.ch lesregisseurs.ch *.matterport.com matterport.com *.meero.com meero.com *.net-fs.com net-fs.com *.newhome.ch newhome.ch *.nodalview.com nodalview.com *.novimmob.ch novimmob.ch *.ogulo.de ogulo.de *.ogulo.com ogulo.com *.optasia.ch optasia.ch *.panocom.ch panocom.ch *.panono.com panono.com *.panotour.ch panotour.ch *.pixroom.ch pixroom.ch *.previsite.com previsite.com *.realforce.ch realforce.ch *.remax-olten.ch remax-olten.ch *.reveag.ch reveag.ch *.ritterimmobilien.ch ritterimmobilien.ch *.rolliweg.ch rolliweg.ch *.roman-burri.ch roman-burri.ch *.roomtour.ch roomtour.ch *.roundme.com roundme.com *.salzmannmedia.ch salzmannmedia.ch *.spectando.com spectando.com *.swissinteractive.ch swissinteractive.ch *.swissnetzwerk.ch swissnetzwerk.ch *.theasys.io theasys.io *.tourmake.it tourmake.it *.view3.com view3.com *.virtual-360.ch virtual-360.ch *.virtual-view.ch virtual-view.ch *.visualpro.ch visualpro.ch *.werdenberg360grad.ch werdenberg360grad.ch *.wohnenschaeferei.ch wohnenschaeferei.ch *.yetivisite.ch yetivisite.ch www.facebook.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch assets.adobedtm.com sdc2.credit-suisse.com www.credit-suisse.com *.googleapis.com www.googleadservices.com www.google.com www.google.ch cdn.tt.omtrdc.net connect.facebook.net; object-src 'self'; child-src 'self' data: *.nabhome.ch www.google.ch www.google.com *.demdex.net www.youtube.com cdnapisec.kaltura.com creditsuisse.experiencecloud.adobe.com *.360-grad-rundgang.ch 360-grad-rundgang.ch *.360-rundgang.ch 360-rundgang.ch *.360home.ch 360home.ch *.360magictour.com 360magictour.com *.3dprojekt.ch 3dprojekt.ch *.3dvista.com 3dvista.com *.6emevue.com 6emevue.com *.aida-immobilien.ch aida-immobilien.ch *.amkrebsenweg.ch amkrebsenweg.ch *.archilogic.com archilogic.com *.businessimages.ch businessimages.ch *.casatour.ch casatour.ch *.caser.ch caser.ch *.citybau.ch citybau.ch *.cupix.com cupix.com *.dvdarch.ch dvdarch.ch *.dwp3d.com dwp3d.com *.era-immobilien-kuhlmann.ch era-immobilien-kuhlmann.ch *.fortimo.ch fortimo.ch *.foto-mimmo.ch foto-mimmo.ch *.foto-web.ch foto-web.ch *.gawson.com gawson.com *.giessenpark-rent.ch giessenpark-rent.ch *.goldinger.ch goldinger.ch *.grundriss.com grundriss.com *.holobuilder.com holobuilder.com *.housetube.ch housetube.ch *.immobilien360.ch immobilien360.ch *.immobilienscout24.de immobilienscout24.de *.immoleague.ch immoleague.ch *.immopro360.ch immopro360.ch *.immovisual.ch immovisual.ch *.in360.ch in360.ch *.jolimmo.ch jolimmo.ch *.lesregisseurs.ch lesregisseurs.ch *.matterport.com matterport.com *.meero.com meero.com *.net-fs.com net-fs.com *.newhome.ch newhome.ch *.nodalview.com nodalview.com *.novimmob.ch novimmob.ch *.ogulo.de ogulo.de *.ogulo.com ogulo.com *.optasia.ch optasia.ch *.panocom.ch panocom.ch *.panono.com panono.com *.panotour.ch panotour.ch *.pixroom.ch pixroom.ch *.previsite.com previsite.com *.realforce.ch realforce.ch *.remax-olten.ch remax-olten.ch *.reveag.ch reveag.ch *.ritterimmobilien.ch ritterimmobilien.ch *.rolliweg.ch rolliweg.ch *.roman-burri.ch roman-burri.ch *.roomtour.ch roomtour.ch *.roundme.com roundme.com *.salzmannmedia.ch salzmannmedia.ch *.spectando.com spectando.com *.swissinteractive.ch swissinteractive.ch *.swissnetzwerk.ch swissnetzwerk.ch *.theasys.io theasys.io *.tourmake.it tourmake.it *.view3.com view3.com *.virtual-360.ch virtual-360.ch *.virtual-view.ch virtual-view.ch *.visualpro.ch visualpro.ch *.werdenberg360grad.ch werdenberg360grad.ch *.wohnenschaeferei.ch wohnenschaeferei.ch *.yetivisite.ch yetivisite.ch; style-src 'self' 'unsafe-inline' fast.fonts.net *.googleapis.com cdn.tt.omtrdc.net; frame-ancestors 'self' *.nabhome.ch creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Keep-Alive
timeout=15, max=100
Expires
Mon, 03 Feb 2020 13:36:51 GMT

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| d3 function| $ function| jQuery function| Visitor object| _satellite object| s_c_il number| s_c_in function| fbq function| _fbq object| valConfig function| replaceRadios function| replaceCheckboxes function| replaceDropdowns function| decryptCharcode function| decryptString function| linkTo_UnCryptMailto object| jQBrowser function| setLastScrolltop function| documentClickBlock function| initializeProducts function| initializeTextboxOverlay number| navtimestamp function| hashParts function| buildHash object| digitalData function| bundlesPowermail object| smartMessage object| adobe function| mboxCreate function| mboxDefine function| mboxUpdate object| _AT object| smartMessageConfiguration number| dep_id object| powermailFieldConditions number| indexedSearchPID number| startAutocomplete object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params object| google_transport_url object| _csaa function| _csaaAddEvent function| _csaaCheckjQueryVersion function| _csaaNormalize function| _csaaFillEvarWithProp function| _csaaFillPropWithEvar function| _csaaReadCookie function| _csaaGetParameterByName function| _csaaGetHashParameterByName function| _csaaCutProtocolFromURL function| _csaaCountTrailingChars function| _csaaDedupVars function| _csaaDedupAllVars function| _csaaGetSearchTerm function| _csaaGetHostForInternalFilters undefined| _csaaEventTracker function| s_doPlugins function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement function| s_gi function| s_pgicq object| s function| DIL number| s_objectID number| s_giq object| v object| vc number| v0 number| v1 number| v2 number| vc0 number| vc1 number| vc2 function| onYouTubeIframeAPIReady object| _csaaPageVarsDTM object| _csaaPageVarsDTMPageVarsEveryHit object| _csaaPageVarsDTMOverride object| _csaaHardDTMOverride object| DTMHelper object| _csaaSitespecTracker boolean| pageHeaderSizeAdapted number| maxHeight number| headerHeight number| windowOffset number| height number| width number| contentWidth number| rowIndex number| secondRowIndex undefined| attr boolean| scrollingToAnchor number| total number| count number| showCount number| ii object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter number| x number| k number| kk object| s_i_csnab-live undefined| offset undefined| url undefined| hash function| _toConsumableArray function| _slice function| PowermailForm function| PowermailMarketing undefined| delay undefined| createProductNav undefined| updateSubNav undefined| checkFooterPosition undefined| checkLeftColSticky boolean| blockHashUpdateOnScroll object| stickyBar object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI object| parsley

9 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 55914940643672266600057126603088802477
www.nab.ch/ Name: fe_typo_user
Value: ee1bbfdd8d4362c9f97dc1595e4075e8
.nab.ch/ Name: mbox
Value: session#e78370da941948e18c6d351d1bf72eba#1580738872|PC#e78370da941948e18c6d351d1bf72eba.26_0#1643981812
.nab.ch/ Name: _fbp
Value: fb.1.1580737010959.1059623313
.nab.ch/ Name: AMCV_14CE34B8527836E60A490D44%40AdobeOrg
Value: -330454231%7CMCIDTS%7C18296%7CMCMID%7C46846446854237029750887558682699402806%7CMCAAMLH-1581341811%7C6%7CMCAAMB-1581341811%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1580744211s%7CNONE%7CMCSYNCSOP%7C411-18303%7CMCAID%7CNONE%7CvVersion%7C3.1.2
.nab.ch/ Name: AMCVS_14CE34B8527836E60A490D44%40AdobeOrg
Value: 1
.nab.ch/ Name: aam_uuid
Value: 55914940643672266600057126603088802477
.nab.ch/ Name: s_cc
Value: true
.nab.ch/ Name: check
Value: true

1 Console Messages

Source Level URL
Text
console-api warning URL: https://www.nab.ch/typo3conf/ext/emboss_jquery/Resources/Public/JavaScript/jquery-3.3.1.min.js(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'top' of undefined TypeError: Cannot read property 'top' of undefined at watchCampaignContactHeader (https://www.nab.ch/typo3temp/compressor/merged-f2097928d671e419492a1311d495031b-342a8e93fdbe1a59b8b21d5de48df7c3.js:4424:63) at HTMLDocument.<anonymous> (https://www.nab.ch/typo3temp/compressor/merged-f2097928d671e419492a1311d495031b-342a8e93fdbe1a59b8b21d5de48df7c3.js:4442:5) at l (https://www.nab.ch/typo3conf/ext/emboss_jquery/Resources/Public/JavaScript/jquery-3.3.1.min.js:2:29375) at c (https://www.nab.ch/typo3conf/ext/emboss_jquery/Resources/Public/JavaScript/jquery-3.3.1.min.js:2:29677) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: sdc2.credit-suisse.com *.nab.ch www.nabhome.ch *.omtrdc.net *.demdex.net www.youtube.com maps.gstatic.com csi.gstatic.com *.googleapis.com fonts.gstatic.com api.rkd.reuters.com secure.credit-now.ch *.g.doubleclick.net www.google.ch www.google.com www.google.de; img-src 'self' data: *.nab.ch *.immoscout24.ch www.facebook.com *.ggpht.com maps.gstatic.com csi.gstatic.com sdc2.credit-suisse.com *.demdex.net *.googleapis.com api.rkd.reuters.com www.googleadservices.com *.g.doubleclick.net www.google.com www.google.ch www.google.de *.everesttech.net api.permaleads.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nab.ch sdc2.credit-suisse.com www.credit-suisse.com assets.adobedtm.com connect.facebook.net fast.fonts.net maps.googleapis.com mts0.googleapis.com mts1.googleapis.com ajax.googleapis.com www.googleadservices.com api.permaleads.ch *.g.doubleclick.net www.google.com www.google.ch cdn.tt.omtrdc.net www.youtube.com s.ytimg.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.nab.ch fast.fonts.net fonts.googleapis.com cdn.tt.omtrdc.net; child-src 'self' *.nab.ch *.nab-charity.ch *.nab-award.ch *.mynab.ch www.youtube.com www.bank-now.ch *.g.doubleclick.net www.google.ch www.google.com cdnapisec.kaltura.com *.demdex.net *.omniture.com creditsuisse.experiencecloud.adobe.com; report-uri /cspreport-service/csp-report
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
chat.nab.ch
cm.everesttech.net
connect.facebook.net
creditsuisse.demdex.net
creditsuisse.tt.omtrdc.net
dpm.demdex.net
googleads.g.doubleclick.net
nab.ch
s.ytimg.com
sdc2.credit-suisse.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.nab.ch
www.nabhome.ch
www.youtube.com
15.188.31.119
172.217.23.98
193.72.166.65
193.72.166.68
193.73.238.66
23.210.248.45
2a00:1450:4001:80b::200e
2a00:1450:4001:816::2004
2a00:1450:4001:818::2003
2a00:1450:4001:81d::200e
2a00:1450:4001:821::2002
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.247.192.223
52.16.220.22
66.117.28.86
66.117.29.4
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04dd8dc8800897d20e130413f2c3eb426a247646c63323420171a5a31cec0a4d
0817dd4363f1cfd6bd8c3f85b05e2b7c3062de574fef7e2c77a42e9a5003bb79
084e61139c3c56279b6ecaacd72b3f60f15782eabf134bd9daa61e65410d8766
0863a05506f867bf6c285ab2e53bf3754006356a918b8423b907458240d6e20b
0e4f7e9728eb5d97ad3d2150e0f888e83fc1e15569930a354c1676265d6cc5fa
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d62d4368cc31dbf7f014f03dafd4cf8a089b4a85e72008b169c2041836cf00
155963e3fb06f13011705c65bc52ed31f9989b87309c945948a76b35f8e7da67
2780d2048eb5579c370518a6f71552fb4b6a1062797c9acd90940021b45bce45
27c86c745ca1685261ebb0daeeb3c2cc3dcb54eb0b3dddc5613728519d4fa3a7
2bc182f3f4fb5a2d569c7a957c76ac545b770d3a0b63ca089050c54d31e0608e
32ad79dd66ee81ab505b61e9ec2d8b559954682f15cf0a8e610a332f72794e62
33797793c17fd2692bec3322fb622e7758a10ffdf3f8dcd4dccc5047bf3ea96d
4059e653851e77885e3095bd640623d84a5dd557cea3be02715a3c95e84ea458
41b175df6d05d7e3bf40df5416eebee0e7210ba9ba10f4c1949295ea168db5b7
4e30de9c659a2f2f33ce752a3696fbd08341e29a038b7bb85394953e259a459b
54ce632ea97b69d28939294f13c82bf6c056458d55e5567d9d765e8185579aaa
59e4a49f68c5a76e9f72feebb9662cf8a9fbde11d34df757ef64d95339f4279f
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
613325640e8356fec91a2e62b433d54322bd8d6b0d9f0794a4c271229957158a
637ff83d54a15175b23d5e5a6f894bff2a109a104f38b808c53999f673ea0198
691a52caa18e58b1f10e53eb723b4a3b01fb0a7b2679c0e5f99637afcf33cced
6dd4dd209ce29924ced34a4f199768e481c23dadb17c458a6cc13b44cc2c99a9
6eb66624a6c048e8245a8d993e7a142fc6063867fe9093094e2b680661380bfb
7bab5a2df420b22589f0495ee9e2704b4556ddf840e58ea6a5b8825c614ed206
7f97961aefb1db84d6feb3a2e4ea5354298a053d1d1e10543b20ebb2e334d463
86bea5e225feca65f9c9631f5da84d8b11960bf1d6b969c8060c14cf909b68a3
8942b2e1554bb0dad0c7b397f2b6c9f3bd13831bc1f78000174111a8cc3523d7
8bc809de307be37ff0132fadf83c493771869fc41da3b81b9bde2ebfda87a9ad
8f243858eed86bf5f471c44de144011d46aa0da7d29f3fce4076243d38d2a1a9
910ef37990d9c97300c11a02dc7f6ee04a092a06493bf520a2eb367a0231ef5b
9d43976d4ac251d3808e2eabc1fb7fd4c2b29ae9c0b83ca71f5978a8f865a2d2
a09860b039b6e58e15918e0b5e8d69cdb1b7195f8e16452f37011e6ee50238dd
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
aaeeea00ec1443bcb72cbfa6155cccd0dfc6a145e26b2ffab0b72b4cd9280a86
b5e5e410a06d99a53622b4efc64fba4723dec62640a03cbee765de78d3c1a9f4
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b860a2d144ad99838de065fab7d3c5d28a17e87f4b8b446b4fce0f566c63e09a
ba97154f3ffaec09c362e1ce9623ce4eb342dd3590e8b5a2abfe822b52428604
c13c01ab76ae0300b3eccb233d04c02578ee11bf643a30a8b53e80e091ae8ca9
c4f5076627204f5b974c1eec55c27b1e35af1d832b6f36dd942e30f51c1dbabb
ccdb3a4acb9cfd6847118d5429efa0ac0c6d8f07d42409df56cf07effdca4a9c
cff3976cac7138e8f00fcc062246391c24320fbbb27de20e73f444dfb0175dea
d0ff3f6e45780da3f21e6010a18552d5ffe78e06c1b3c1efe0608f53eb76c43e
d69842c05fd802a5eaf3911b655b9d6cea94086dd8b4802f0d40338a91661f59
d98e4c11c817a0da755f48ec0fc97c9fec90db58ede1882ec1b15025c1854f0b
d9da51797874217c03b4967f6a58c563aa9ee95e77df310019941d25d7dada66
e04025125b90d8631836ccb7a83de072df48b1e92f720a58ee290664268740a9
e1038c7c6f58e1301b4f513404ce7b7f91a8ac58586be4b53bf3f05af47d8143
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62e647951bb53b6b0be3cd3ef06ee900b3e2aada68d8380f966d635cebccc74
ed542d004a63dd31f7d6ce2b515deda2ba6f3eab710146ddd3e79499f30d47c6
edeea0c9d9298eec9c3323c64b368f933819d1214e84cdc8b53aeecd8af3f752
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f775ae826c650fd386d75dfddc63c8b230dcdadc979d8d41ee7560f2801cd9a3