urlscan.io logo urlscan.io
SecurityTrails logo

eseances.payerne.swiss Open in urlscan Pro
145.232.236.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://eseances.payerne.swiss/
Effective URL: https://eseances.payerne.swiss/Pages/Authentication/Login.aspx
Submission: On August 18 via automatic, source certstream-suspicious — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 145.232.236.228, located in Attalens, Switzerland and belongs to ETAT-DE-VAUD, CH. The main domain is eseances.payerne.swiss.
TLS certificate: Issued by R10 on August 16th 2024. Valid for: 3 months.
This is the only time eseances.payerne.swiss was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 145.232.236.228 15675 (ETAT-DE-VAUD)
2 195.15.218.88 29222 (INFOMANIA...)
13 2
Apex Domain
Subdomains		 Transfer
12 payerne.swiss
eseances.payerne.swiss
2 MB
2 artionet.group
monitoring.artionet.group
17 B
13 2
Domain Requested by
12 eseances.payerne.swiss 1 redirects eseances.payerne.swiss
2 monitoring.artionet.group eseances.payerne.swiss
13 2

This site contains no links.

Subject Issuer Validity Valid
eseances.payerne.swiss
R10		 2024-08-16 -
2024-11-14		 3 months crt.sh
monitoring.artionet.group
Sectigo RSA Domain Validation Secure Server CA		 2024-02-23 -
2025-02-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://eseances.payerne.swiss/Pages/Authentication/Login.aspx
Frame ID: 6E5096173F4403F4DEE5B1ABEC255FC9
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Verbindung - Ville de Payerne | eSéances

Page URL History Show full URLs

  1. https://eseances.payerne.swiss/ HTTP 302
    https://eseances.payerne.swiss/Pages/Authentication/Login.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

2079 kB
Transfer

2073 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://eseances.payerne.swiss/ HTTP 302
    https://eseances.payerne.swiss/Pages/Authentication/Login.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login.aspx
eseances.payerne.swiss/Pages/Authentication/
Redirect Chain
  • https://eseances.payerne.swiss/
  • https://eseances.payerne.swiss/Pages/Authentication/Login.aspx
13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eseances.payerne.swiss/Pages/Authentication/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.232.236.228 Attalens, Switzerland, ASN15675 (ETAT-DE-VAUD, CH),
Reverse DNS
Software
nginx /
Resource Hash
d6357aa9c49cccd7e453a61d56fd27bbbf2e8cd09c6f2f3540e9d085e4656830
Security Headers
Name Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://eseances.payerne.swiss
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
cache-control
private
content-encoding
deflate
content-length
4741
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Sun, 18 Aug 2024 01:31:57 GMT
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
referrer-policy
strict-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
all
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
https://eseances.payerne.swiss
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
cache-control
private
content-encoding
deflate
content-length
117
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Sun, 18 Aug 2024 01:31:57 GMT
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
location
/Pages/Authentication/Login.aspx
referrer-policy
strict-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
all
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block
style.min.css
eseances.payerne.swiss/Content/Styles/ 		685 KB
687 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eseances.payerne.swiss/Content/Styles/style.min.css?v=28062024134006
Requested by
Host: eseances.payerne.swiss
URL: https://eseances.payerne.swiss/Pages/Authentication/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.232.236.228 Attalens, Switzerland, ASN15675 (ETAT-DE-VAUD, CH),
Reverse DNS
Software
nginx /
Resource Hash
e1c117e575d19b33f0cd68d93cfb2b4e18208ced1b5e8b789a47d7421f294f4f
Security Headers
Name Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eseances.payerne.swiss/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:31:57 GMT
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
701430
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
strict-origin
last-modified
Fri, 28 Jun 2024 11:40:06 GMT
server
nginx
etag
"7df22aec4fc9da1:0"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
content-type
text/css
access-control-allow-origin
https://eseances.payerne.swiss
cache-control
max-age=604800
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-robots-tag
all
logo.png
eseances.payerne.swiss/Content/Images/instance/Custom/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eseances.payerne.swiss/Content/Images/instance/Custom/logo.png
Requested by
Host: eseances.payerne.swiss
URL: https://eseances.payerne.swiss/Pages/Authentication/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.232.236.228 Attalens, Switzerland, ASN15675 (ETAT-DE-VAUD, CH),
Reverse DNS
Software
nginx /
Resource Hash
41268bf4e27d4115d5a342809aba3c9cf76e377f39ec278bae1df7c37748c89f
Security Headers
Name Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eseances.payerne.swiss/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:31:57 GMT
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
9537
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
strict-origin
last-modified
Thu, 26 Aug 2021 15:31:36 GMT
server
nginx
etag
"0fcb8748f9ad71:0"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
content-type
image/png
access-control-allow-origin
https://eseances.payerne.swiss
cache-control
max-age=604800
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-robots-tag
all
de.js
eseances.payerne.swiss/Content/Scripts/lang/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eseances.payerne.swiss/Content/Scripts/lang/de.js
Requested by
Host: eseances.payerne.swiss
URL: https://eseances.payerne.swiss/Pages/Authentication/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.232.236.228 Attalens, Switzerland, ASN15675 (ETAT-DE-VAUD, CH),
Reverse DNS
Software
nginx /
Resource Hash
ef59be24e57802a08359c2af8897388000886f4824a1af716d121be653c2c440
Security Headers
Name Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eseances.payerne.swiss/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:31:57 GMT
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
8926
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
strict-origin
last-modified
Sat, 17 Aug 2024 09:34:50 GMT
server
nginx
etag
"df7ebb488f0da1:0"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://eseances.payerne.swiss
cache-control
max-age=604800
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-robots-tag
all
script-login.min.js
eseances.payerne.swiss/Content/Scripts/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://eseances.payerne.swiss/Content/Scripts/script-login.min.js?v=28062024104758
Requested by
Host: eseances.payerne.swiss
URL: https://eseances.payerne.swiss/Pages/Authentication/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.232.236.228 Attalens, Switzerland, ASN15675 (ETAT-DE-VAUD, CH),
Reverse DNS
Software
nginx /
Resource Hash
c06fa902f9455c153aebaf40a634f0df7250a030ec12ea08ce955e288301a68a
Security Headers
Name Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eseances.payerne.swiss/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:31:57 GMT
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1182562
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
strict-origin
last-modified
Fri, 28 Jun 2024 08:47:58 GMT
server
nginx
etag
"033ae037c9da1:0"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://eseances.payerne.swiss
cache-control
max-age=604800
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-robots-tag
all
elastic-apm-rum.umd.min.js
eseances.payerne.swiss/Content/Scripts/ 		57 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eseances.payerne.swiss/Content/Scripts/elastic-apm-rum.umd.min.js?v=28062024104756
Requested by
Host: eseances.payerne.swiss
URL: https://eseances.payerne.swiss/Pages/Authentication/Login.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.232.236.228 Attalens, Switzerland, ASN15675 (ETAT-DE-VAUD, CH),
Reverse DNS
Software
nginx /
Resource Hash
3404181bd40b62b49e7906083f2f24f4f5c2203c7c382d887df652516b326b85
Security Headers
Name Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eseances.payerne.swiss/
Origin
https://eseances.payerne.swiss
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:31:57 GMT
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
58507
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
strict-origin
last-modified
Fri, 28 Jun 2024 08:47:56 GMT
server
nginx
etag
"06d9de37c9da1:0"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://eseances.payerne.swiss
cache-control
max-age=604800
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-robots-tag
all
Roboto-Regular.woff2
eseances.payerne.swiss/Content/fonts/roboto/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://eseances.payerne.swiss/Content/fonts/roboto/Roboto-Regular.woff2
Requested by
Host: eseances.payerne.swiss
URL: https://eseances.payerne.swiss/Content/Styles/style.min.css?v=28062024134006
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.232.236.228 Attalens, Switzerland, ASN15675 (ETAT-DE-VAUD, CH),
Reverse DNS
Software
nginx /
Resource Hash
02a7cd67c545041654af047f04ce327f2df086386eab421adc16269010c50365
Security Headers
Name Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eseances.payerne.swiss/
Origin
https://eseances.payerne.swiss
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:31:57 GMT
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
64832
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
strict-origin
last-modified
Fri, 28 Jun 2024 08:47:58 GMT
server
nginx
etag
"033ae037c9da1:0"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
content-type
application/font-woff2
access-control-allow-origin
https://eseances.payerne.swiss
cache-control
max-age=604800
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-robots-tag
all
MaterialIcons-Regular.woff2
eseances.payerne.swiss/Content/fonts/material-design-icons/ 		81 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://eseances.payerne.swiss/Content/fonts/material-design-icons/MaterialIcons-Regular.woff2
Requested by
Host: eseances.payerne.swiss
URL: https://eseances.payerne.swiss/Content/Styles/style.min.css?v=28062024134006
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.232.236.228 Attalens, Switzerland, ASN15675 (ETAT-DE-VAUD, CH),
Reverse DNS
Software
nginx /
Resource Hash
0fccaba10a6f23830988222714d621d46fadf4301f8c756f2ec9d994036c6525
Security Headers
Name Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eseances.payerne.swiss/
Origin
https://eseances.payerne.swiss
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:31:57 GMT
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
82512
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
strict-origin
last-modified
Fri, 28 Jun 2024 08:47:58 GMT
server
nginx
etag
"033ae037c9da1:0"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
content-type
application/font-woff2
access-control-allow-origin
https://eseances.payerne.swiss
cache-control
max-age=604800
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-robots-tag
all
favicon.ico
eseances.payerne.swiss/Content/Images/favicons/ 		526 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://eseances.payerne.swiss/Content/Images/favicons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.232.236.228 Attalens, Switzerland, ASN15675 (ETAT-DE-VAUD, CH),
Reverse DNS
Software
nginx /
Resource Hash
ed92c6ec303edcf2bf6d2088bd01ee83f66452205e0516eb1edec25392f8fa79
Security Headers
Name Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eseances.payerne.swiss/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:31:58 GMT
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
526
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
strict-origin
last-modified
Fri, 28 Jun 2024 11:40:06 GMT
server
nginx
etag
"3e524cec4fc9da1:0"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
content-type
image/x-icon
access-control-allow-origin
https://eseances.payerne.swiss
cache-control
max-age=604800
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-robots-tag
all
favicon-32x32.png
eseances.payerne.swiss/Content/Images/favicons/ 		526 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://eseances.payerne.swiss/Content/Images/favicons/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.232.236.228 Attalens, Switzerland, ASN15675 (ETAT-DE-VAUD, CH),
Reverse DNS
Software
nginx /
Resource Hash
ed92c6ec303edcf2bf6d2088bd01ee83f66452205e0516eb1edec25392f8fa79
Security Headers
Name Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eseances.payerne.swiss/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:31:58 GMT
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
526
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
strict-origin
last-modified
Fri, 28 Jun 2024 11:40:06 GMT
server
nginx
etag
"96b44eec4fc9da1:0"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
content-type
image/png
access-control-allow-origin
https://eseances.payerne.swiss
cache-control
max-age=604800
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-robots-tag
all
favicon-16x16.png
eseances.payerne.swiss/Content/Images/favicons/ 		206 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://eseances.payerne.swiss/Content/Images/favicons/favicon-16x16.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
145.232.236.228 Attalens, Switzerland, ASN15675 (ETAT-DE-VAUD, CH),
Reverse DNS
Software
nginx /
Resource Hash
c373de013b5874e201296df6a20412b7ea710ecf6716faebe5791f14749405bf
Security Headers
Name Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eseances.payerne.swiss/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 01:31:58 GMT
content-security-policy
script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
206
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
strict-origin
last-modified
Fri, 28 Jun 2024 11:40:06 GMT
server
nginx
etag
"3e524cec4fc9da1:0"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD, OPTIONS, DELETE, PUT
content-type
image/png
access-control-allow-origin
https://eseances.payerne.swiss
cache-control
max-age=604800
feature-policy
accelerometer 'none'; geolocation 'self' *.otpone.com *.eseances.app; gyroscope 'none'; magnetometer 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
x-robots-tag
all
events
monitoring.artionet.group/intake/v2/rum/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://monitoring.artionet.group:8200/intake/v2/rum/events
Requested by
Host: eseances.payerne.swiss
URL: https://eseances.payerne.swiss/Content/Scripts/elastic-apm-rum.umd.min.js?v=28062024104756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.15.218.88 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS
ov-877d83.ch2.infomaniak.ch
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Content-Encoding
gzip
Referer
https://eseances.payerne.swiss/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-ndjson

Response headers

access-control-allow-origin
https://eseances.payerne.swiss
date
Sun, 18 Aug 2024 01:31:58 GMT
x-content-type-options
nosniff
content-length
0
events
monitoring.artionet.group/intake/v2/rum/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://monitoring.artionet.group:8200/intake/v2/rum/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.15.218.88 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS
ov-877d83.ch2.infomaniak.ch
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://eseances.payerne.swiss
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://eseances.payerne.swiss
access-control-expose-headers
Etag
access-control-max-age
3600
content-length
0
date
Sun, 18 Aug 2024 01:31:58 GMT
vary
Origin
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Translate number| validation object| FullCalendar function| jQuery function| _createClass function| _classCallCheck function| Vel function| getTime function| showModalOverlay function| hideModalOverlay function| DisplayToast function| detectIE object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| Dropify object| FilePond object| __framePainter function| DataTable function| moment object| classie object| FullCalendarVDom function| Hammer object| Materialize object| Waves function| FilePondPluginFileRename function| FilePondPluginFileValidateType function| FilePondPluginFileValidateSize function| SearchIndex function| Bloodhound object| elasticApm function| validate_field

2 Cookies

Domain/Path Name / Value
eseances.payerne.swiss/ Name: ASP.NET_SessionId
Value: 0acoof2whblfe4shpldlswik
eseances.payerne.swiss/ Name: __AntiXsrfToken
Value: 107e848c6fcd4ffe9b68f7ff4fd6378b

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: '*.otpone.com'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: '*.eseances.app'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.jit.si visio.eseances.ch *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; object-src 'self'; style-src 'self' data: 'unsafe-inline' *.jit.si *.googleapis.com *.webspellchecker.net *.usersnap.com *.otpone.com *.eseances.app *.duosecurity.com; img-src 'self' data: *.jit.si *.googleapis.com *.usersnap.com *.otpone.com *.eseances.app *.eseances.ch *.webspellchecker.net *.duosecurity.com; media-src 'self'; frame-src 'self' *.eseances.ch *.jit.si *.duosecurity.com blob:; font-src 'self' *.jit.si fonts.gstatic.com *.webspellchecker.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block