www.bancastato.ch Open in urlscan Pro
217.26.33.87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bancastato.ch/
Effective URL:
https://www.bancastato.ch/
Submission: On May 20 via api (May 20th 2024, 2:14:54 pm UTC) from US — Scanned from CH

Summary HTTP 56 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 56 HTTP transactions. The main IP is 217.26.33.87, located in Switzerland and belongs to BSOURCE-AS, CH. The main domain is www.bancastato.ch.
TLS certificate: Issued by Thawte EV RSA CA G2 on January 18th 2024. Valid for: a year.

This is the only time www.bancastato.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	217.26.33.87 217.26.33.87	197312 (BSOURCE-AS) (BSOURCE-AS)
1 7	217.26.33.63 217.26.33.63	197312 (BSOURCE-AS) (BSOURCE-AS)
13	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	5

35 217.26.33.87 (Switzerland)

ASN197312 (BSOURCE-AS, CH)

www.bancastato.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prd-analytics.bancastato.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 217.26.33.63 (Switzerland) 1 redirects

ASN197312 (BSOURCE-AS, CH)

www.inlinea.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	bancastato.ch www.bancastato.ch prd-analytics.bancastato.ch	3 MB
13	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 312	182 KB
7	inlinea.ch 1 redirects www.inlinea.ch	787 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 533	295 B
56	4

	Domain	Requested by
34	www.bancastato.ch	www.bancastato.ch
13	cdn.cookielaw.org	www.bancastato.ch cdn.cookielaw.org
7	www.inlinea.ch	1 redirects www.bancastato.ch www.inlinea.ch
1	geolocation.onetrust.com	cdn.cookielaw.org
1	prd-analytics.bancastato.ch	www.bancastato.ch
56	5

This site contains links to these domains. Also see Links.

Domain
www.inlinea.ch
www.instagram.com
www.facebook.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.bancastato.ch Thawte EV RSA CA G2	`2024-01-18` - `2025-02-17`	a year	crt.sh
www.inlinea.ch Thawte EV RSA CA G2	`2024-02-05` - `2025-03-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
prd-analytics.bancastato.ch Thawte RSA CA 2018	`2023-05-15` - `2024-06-14`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.bancastato.ch/
Frame ID: 346DAC20232C2F424E08BADB3ED5719F
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Homepage | www.bancastato.ch

Page URL History Show full URLs

http://www.bancastato.ch/ HTTP 307
https://www.bancastato.ch/ Page URL

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

4070 kB
Transfer

5780 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.inlinea.ch/auth-avaloq/login
Title: E-banking

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bancastatoeventi/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bancastatoeventi/

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bancastato.ch/ HTTP 307
https://www.bancastato.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.inlinea.ch/unblu/js-api/v2/visitor/visitor-api.min.js HTTP 302
https://www.inlinea.ch/unblu/static/js-api/xmd1712652403707/v2/visitor-js-api.min.js

Request Chain 36

https://prd-analytics.bancastato.ch/matomo.php?action_name=Homepage%20%7C%20www.bancastato.ch&idsite=1&rec=1&r=056935&h=16&m=14&s=49&url=https%3A%2F%2Fwww.bancastato.ch%2F&_id=5c7036ca20d0d545&_idts=1716214489&_idvc=1&_idn=0&_refts=0&_viewts=1716214489&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=93&pv_id=xeSh3d HTTP 303
https://prd-analytics.bancastato.ch/error_path/400.html?al_req_id=Zkta2dG6QI-F1aMW1_mvqQAAAUQ

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.bancastato.ch/
Redirect Chain

http://www.bancastato.ch/
https://www.bancastato.ch/

100 KB
103 KB

91ms
24ms

Document
text/html

217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

898c0feba8555d248c7cf6068803736a3bcb3840ce3084de4ab881245c7e1446

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=600, public
Connection: Keep-Alive
Content-Length: 102660
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Type: text/html;charset=UTF-8
Date: Mon, 20 May 2024 14:14:48 GMT
Expires: Mon, 20 May 2024 14:24:48 GMT
Keep-Alive: timeout=10, max=500
Last-Modified: Mon, 20 May 2024 13:37:26 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Magnolia-Registration: Registered
X-XSS-Protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.bancastato.ch/
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK all.min~2024-03-25-10-46-40-000~cache.css
www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/ 725 KB
98 KB 79ms
30ms Stylesheet
text/css 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

a08dc4a032a37d5a242a110e0ee7f6c06e64ddcb60b2042453a2fdfd47af5778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:48 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=10, max=500
Expires: Tue, 20 May 2025 14:14:48 GMT

GET
H/1.1 200
OK style-integration~2024-03-25-10-46-40-000~cache.css
www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/ 5 KB
4 KB 77ms
28ms Stylesheet
text/css 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/style-integration~2024-03-25-10-46-40-000~cache.css

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

ef83cb697d53e094cd0240d15be9e29e81557c8d4c9c212f1c2acc4cc2ca1ac8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:48 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=10, max=499
Expires: Tue, 20 May 2025 14:14:48 GMT

GET
H/1.1 200
OK jquery-3.7.1.min~2024-02-22-09-44-26-000~cache.js Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/ 85 KB
32 KB 72ms
22ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/jquery-3.7.1.min~2024-02-22-09-44-26-000~cache.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7aa6b0e08f48a0f95d8df7ea89e4cbfe1ef3d1e8c0f7373f7f25edfb4e4a325e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:48 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 22 Feb 2024 09:44:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=10, max=500
Expires: Tue, 20 May 2025 14:14:48 GMT

GET
H/1.1 200
OK visitor.js Show response
www.inlinea.ch/unblu/ 2 KB
4 KB 155ms
92ms Script
application/javascript 217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/visitor.js?x-unblu-apikey=0PB5EOF5RnKfbCrL8wtEgw

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

fecc2245347d555069c65e9483037edb08b7c7d8b74d069c852fdb68eae293fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
Date: Mon, 20 May 2024 14:14:49 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000
Server: Apache
x-unblu-start-time: 1712652403707
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
cache-control: no-cache, no-store, must-revalidate, max-age=1
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
X-XSS-Protection: 1; mode=block
expires: Sun, 19 May 2024 14:14:49 GMT

GET
H/1.1

200
OK

visitor-js-api.min.js Show response
www.inlinea.ch/unblu/static/js-api/xmd1712652403707/v2/
Redirect Chain

https://www.inlinea.ch/unblu/js-api/v2/visitor/visitor-api.min.js
https://www.inlinea.ch/unblu/static/js-api/xmd1712652403707/v2/visitor-js-api.min.js

32 KB
34 KB

25ms
24ms

Script
application/javascript

217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/static/js-api/xmd1712652403707/v2/visitor-js-api.min.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

3ca390e599307e3d3c40ce26738c025d3363f9956d18918de74b29ae5d33903d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000
Connection: Keep-Alive
Content-Length: 32916
X-XSS-Protection: 1; mode=block
last-modified: Wed, 20 Apr 2022 16:22:50 GMT
Server: Apache
vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
cache-control: max-age=315532800,public
accept-ranges: bytes
Keep-Alive: timeout=10, max=499
expires: Mon, 17 Apr 2034 09:36:59 GMT

Redirect headers

Date: Mon, 20 May 2024 14:14:49 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000
Server: Apache
x-unblu-start-time: 1712652403707
X-Frame-Options: SAMEORIGIN
location: https://www.inlinea.ch/unblu/static/js-api/xmd1712652403707/v2/visitor-js-api.min.js
cache-control: max-age=60,public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
Content-Length: 0
X-XSS-Protection: 1; mode=block
expires: Mon, 20 May 2024 14:15:49 GMT

GET
H/1.1 200
OK polyfill.min.js Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/ 3 KB
4 KB 79ms
26ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/polyfill.min.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

9230df14164558edda90752e80110204d9ce145fbea632d969493e54ab333a70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:48 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 22 Feb 2024 09:44:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=3600, public
Keep-Alive: timeout=10, max=500
Expires: Mon, 20 May 2024 15:14:48 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/ 5 KB
2 KB 109ms
48ms Script
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/OtAutoBlock.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d870a2be4ceb379e084ef102f1b57e01d5026bdaa6549fcd9d5000cc2f975d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 86046
content-md5: vdgMJgSLVxTmtfmGVwJ8rQ==
content-length: 1837
x-ms-lease-status: unlocked
last-modified: Tue, 26 Mar 2024 14:07:26 GMT
server: cloudflare
etag: 0x8DC4D9E112529B4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8b74dbe7-601e-0006-7a86-7f0a3c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 886cef6bf99d0e16-MXP
expires: Tue, 21 May 2024 14:14:48 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 91ms
30ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Dw6K+rTuf8kOuPIEBw1QQA==
age: 7
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6881
x-ms-lease-status: unlocked
last-modified: Thu, 16 May 2024 19:34:05 GMT
server: cloudflare
etag: 0x8DC75DF260606B3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 69f2aff5-101e-005b-0c74-a84615000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 886cef6bf99e0e16-MXP
expires: Tue, 21 May 2024 14:14:48 GMT

GET
H/1.1 200
OK logo-bancastato.svg
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/ 6 KB
5 KB 79ms
27ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/logo-bancastato.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7e13c30013899b6784ab280bdb537a991a0d97a7f5da27c1bc5c8d8f300cc586

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:48 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=3600, public
Keep-Alive: timeout=10, max=500
Expires: Mon, 20 May 2024 15:14:48 GMT

GET
H/1.1 200
OK Pacchetti1920x704px.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/Pacchetti1920x704px.jpg/jcr:content/ 1 MB
1 MB 84ms
61ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/Pacchetti1920x704px.jpg/jcr:content/Pacchetti1920x704px.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

8dea63df662b256f541b207be4e598aa7c28604f310aa5db11d8618c9c61cc34

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:48 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 14:24:48 GMT

GET
H/1.1 200
OK FondiR3.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/FondiR3.jpg/jcr:content/ 660 KB
663 KB 62ms
61ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/FondiR3.jpg/jcr:content/FondiR3.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

68c86f50b40b3d99996fe39978c93cf628563444dc8a19bcdbc65ffae2521ac0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:48 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=499
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 14:24:48 GMT

GET
H/1.1 200
OK homepageDicembre2023.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/homepageDicembre2023.jpg/jcr:content/ 141 KB
144 KB 23ms
23ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/homepageDicembre2023.jpg/jcr:content/homepageDicembre2023.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

fe2ee45b2e865d648dd94b3cb200d24cf31846741102d9384277daf326232f9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 20 May 2024 13:37:26 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=499
Content-Length: 144396
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK ristrutturare_casa_icon.svg
www.bancastato.ch/dam/jcr:c348aa0c-eb45-4984-8c25-a1219d83d142/ 2 KB
4 KB 27ms
26ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:c348aa0c-eb45-4984-8c25-a1219d83d142/ristrutturare_casa_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

6fe53b4d34110d4b8591196abda67dbb539b594613f352bc9aab10b55cf3c016

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=499
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK comprare_casa_icon.svg
www.bancastato.ch/dam/jcr:f9dd45d2-86f5-42c6-9dce-cde737b6da18/ 3 KB
4 KB 24ms
23ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:f9dd45d2-86f5-42c6-9dce-cde737b6da18/comprare_casa_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

49f7cd749db705c8a8d211cd8a4eef6e9d2f892fa41e419cd872d80071566c91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=498
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK vita_sostenibile.svg
www.bancastato.ch/dam/jcr:eab26f6f-e692-4bd6-8d20-9f6dc021cf6e/ 3 KB
4 KB 101ms
22ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:eab26f6f-e692-4bd6-8d20-9f6dc021cf6e/vita_sostenibile.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

eda9e9de8160614499326480a28c0697dd04021d3c4ac63fe5736f0dc9b12761

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:13 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=497
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK budget_famiglia_icon.svg
www.bancastato.ch/dam/jcr:76749703-57ab-47c4-bded-27f9a6dd5fe5/ 4 KB
4 KB 23ms
23ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:76749703-57ab-47c4-bded-27f9a6dd5fe5/budget_famiglia_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

10eae1e0c8623ca5379a5e9e06012355bab8d235e39813d94e03a50bf8c075dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=496
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK situazione_finanziaria_icon.svg
www.bancastato.ch/dam/jcr:1729657f-2098-40dc-9e7b-f0cf97629ec8/ 7 KB
5 KB 25ms
25ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:1729657f-2098-40dc-9e7b-f0cf97629ec8/situazione_finanziaria_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

f733ec258245b619fe5ea835141e8bee2e0b09e9e5de27fab7823fa97d71e4bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=498
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK successione_icon.svg
www.bancastato.ch/dam/jcr:c7dfef96-2d51-40fb-a41d-277c00c6f858/ 3 KB
4 KB 25ms
25ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:c7dfef96-2d51-40fb-a41d-277c00c6f858/successione_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7f7ff0ab36975126c2daa004e333a3f5854b59a80d9c437847f47d1079e6dc1b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:13 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=496
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK attivita_propria_icon.svg
www.bancastato.ch/dam/jcr:5cf1ac18-62a8-44a4-a35e-032b525e8058/ 9 KB
6 KB 22ms
22ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:5cf1ac18-62a8-44a4-a35e-032b525e8058/attivita_propria_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

2e85693143ed79c585888f5763d4b0c848b365a3a5c6d3e6b4b025f3e1bd5dc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=497
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK pensione_icon.svg
www.bancastato.ch/dam/jcr:3e750877-907b-418d-9912-b0733463ca62/ 11 KB
6 KB 22ms
22ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:3e750877-907b-418d-9912-b0733463ca62/pensione_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

1e19bb616cbb7296fcd63fb3ca0fd2feb036c75672819ba3485f96de052b2918

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=495
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK mandato-pubblico-garanziaStato.jpg
www.bancastato.ch/dam/jcr:6661634e-0ccf-4c32-9d3e-8cce6d99acb5/ 69 KB
72 KB 22ms
22ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:6661634e-0ccf-4c32-9d3e-8cce6d99acb5/mandato-pubblico-garanziaStato.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

902274bd47aefaa6d5445e26545afb9beb51be3235ba4328d0c03061a23d9ff8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Disposition: attachment; filename="mandato-pubblico-garanziaStato.jpg"
Connection: Keep-Alive
Content-Length: 71164
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 22 Jul 2019 08:44:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=499
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK Pagina%20eventi%20635x554-02.jpg
www.bancastato.ch/dam/jcr:3aecbba4-7152-4395-9b39-3efce885577a/ 144 KB
146 KB 25ms
25ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:3aecbba4-7152-4395-9b39-3efce885577a/Pagina%20eventi%20635x554-02.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

cc45ca4ae13e6ad389e97d0e27c166830d4670ba81a3e5240caa8df9e24ae102

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Disposition: attachment; filename="Pagina eventi 635x554-02.jpg"
Connection: Keep-Alive
Content-Length: 147125
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 25 Apr 2023 13:54:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=495
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK TiHome.jpg
www.bancastato.ch/dam/jcr:48260176-d42f-4f32-b1a7-1a1ac7a0e620/ 76 KB
79 KB 27ms
26ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:48260176-d42f-4f32-b1a7-1a1ac7a0e620/TiHome.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

22af2cb27167705fe5fb843dc6f737bdae9be8751437754e5145c2d87ba05dd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Disposition: attachment; filename="TiHome.jpg"
Connection: Keep-Alive
Content-Length: 77860
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 22 Jul 2019 08:44:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=497
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H/1.1 200
OK logo-bancastato-white.svg
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/ 6 KB
5 KB 26ms
26ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/logo-bancastato-white.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

0166fcc93e70f0cc0d0e262b6d0bce75d7b0308062206192d6ff502f97401812

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=3600, public
Keep-Alive: timeout=10, max=495
Expires: Mon, 20 May 2024 15:14:49 GMT

GET
H/1.1 200
OK all.min~2024-03-25-10-46-40-000~cache.js Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/ 813 KB
194 KB 28ms
27ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/all.min~2024-03-25-10-46-40-000~cache.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

71a95f3047ec8c8ac3bbef725137ea93d9ea71d42b0a53fe434ee6e9c023bed7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=10, max=499
Expires: Tue, 20 May 2025 14:14:49 GMT

GET
H/1.1 200
OK matomo.js Show response
prd-analytics.bancastato.ch/ 66 KB
66 KB 108ms
31ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://prd-analytics.bancastato.ch/matomo.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Last-Modified: Thu, 21 Mar 2019 07:50:00 GMT
Server: Apache
ETag: "106ad-58495fc36da00"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Content-Length: 67245
X-XSS-Protection: 1; mode=block

GET
H2 200 49cf5428-5c54-406c-8ffe-2673ecccc5b4.json Show response
cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/ 4 KB
2 KB 108ms
67ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/49cf5428-5c54-406c-8ffe-2673ecccc5b4.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

537884db9cf4c5b2089d63a2a22852ec9b3737f254e20b2f64f4c651cc897f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 86047
content-md5: CZyfxPDsolDjxsnJz8SeoQ==
content-length: 1660
x-ms-lease-status: unlocked
last-modified: Tue, 26 Mar 2024 14:07:26 GMT
server: cloudflare
etag: 0x8DC4D9E112C7BAA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 62bc51e4-a01e-0026-4a86-7f719b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 886cef6ceb904bdf-MXP
expires: Tue, 21 May 2024 14:14:49 GMT

GET
H/1.1 200
OK FuturaBT-Medium.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 49 KB
51 KB 29ms
26ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/FuturaBT-Medium.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

9473418c10073c7b3f3f3f7bfe6bc3f640e3a091ebc4c39cd6f44420011b5912

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=497
Content-Length: 50014
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 15:14:49 GMT

GET
H/1.1 200
OK icomoon.ttf
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 57 KB
60 KB 31ms
25ms Font
application/x-font-ttf 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/icomoon.ttf?mil9qe

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

6aaea2e4447f9c01aa39e247f2c3a8b723e58c6895c751254401cf667853af6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/x-font-ttf;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 15:14:49 GMT

GET
H/1.1 200
OK roboto-medium-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 19 KB
22 KB 74ms
29ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-medium-webfont.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

6e858a5202e480d17bbc81eacc216943fb9c7eea727263e08f30cb5cc468bec8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
Content-Length: 19716
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 15:14:49 GMT

GET
H/1.1 200
OK FuturaBT-Bold.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 50 KB
53 KB 92ms
29ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/FuturaBT-Bold.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

11ebc0e2ec3e972f3bcecd1aa31e3a6167654dc76b0f8d93c2069712175eddeb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=497
Content-Length: 51680
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 15:14:49 GMT

GET
H/1.1 200
OK roboto-bold-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 19 KB
22 KB 93ms
29ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-bold-webfont.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

a60fca9f3aad41fafcd49e04e9ae88519efece6aa485de11c418a6c034f06b0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=496
Content-Length: 19872
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 15:14:49 GMT

GET
H/1.1 200
OK roboto-regular-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 19 KB
22 KB 100ms
24ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-regular-webfont.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

0fea4ae61a79845e734c5df1c00ea48b1c35cda64f9abf9cab2642d381cb1040

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
Content-Length: 19652
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 15:14:49 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 104ms
47ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09f06112dbd7c5b56e46a65f2e8a85dd3def2e3829844c607d930aca0762f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept: application/json
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 14:14:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 886cef6db95a5248-MXP
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK Barra-bilancioSocialeAmbientale.jpg
www.bancastato.ch/dam/jcr:89549bf8-5a61-4e6f-b660-af5ee0e38b77/ 120 KB
123 KB 29ms
29ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:89549bf8-5a61-4e6f-b660-af5ee0e38b77/Barra-bilancioSocialeAmbientale.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

465b2c629f5df9e676ab35968ddf7fde988646e1b0b0dfa5ae8fb83600946d7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Disposition: attachment; filename="Barra-bilancioSocialeAmbientale.jpg"
Connection: Keep-Alive
Content-Length: 123016
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 22 Jul 2019 08:44:50 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=494
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/ 442 KB
107 KB 35ms
34ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s7qm2vbmUNglr6Jt5k9KHA==
age: 9205
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 109676
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:35 GMT
server: cloudflare
etag: 0x8DC49752A75EB01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f463857b-001e-005d-3a08-7c3307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 886cef6e3c440e16-MXP

GET

400.html
prd-analytics.bancastato.ch/error_path/
Redirect Chain

https://prd-analytics.bancastato.ch/matomo.php?action_name=Homepage%20%7C%20www.bancastato.ch&idsite=1&rec=1&r=056935&h=16&m=14&s=49&url=https%3A%2F%2Fwww.bancastato.ch%2F&_id=5c7036ca20d0d545&_idt...
https://prd-analytics.bancastato.ch/error_path/400.html?al_req_id=Zkta2dG6QI-F1aMW1_mvqQAAAUQ

0
0

GET
H/1.1 200
OK Initializer.js Show response
www.inlinea.ch/unblu/static/js/wp/xmd1712652403707/ 7 KB
8 KB 24ms
23ms Script
application/javascript 217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/static/js/wp/xmd1712652403707/Initializer.js

Requested by

Host: www.inlinea.ch
URL: https://www.inlinea.ch/unblu/visitor.js?x-unblu-apikey=0PB5EOF5RnKfbCrL8wtEgw

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

a4873963778e4f551c75d423b30652504b25cafa358b5e8c794183c43898fc6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000
Connection: Keep-Alive
Content-Length: 7111
X-XSS-Protection: 1; mode=block
last-modified: Wed, 20 Apr 2022 16:21:22 GMT
Server: Apache
vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
cache-control: max-age=315532800,public
accept-ranges: bytes
Keep-Alive: timeout=10, max=498
expires: Mon, 17 Apr 2034 09:37:02 GMT

GET
H/1.1 200
OK IPCheckServlet Show response
www.bancastato.ch/ 135 B
3 KB 43ms
43ms XHR
text/html 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/IPCheckServlet?skp=t

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/jquery-3.7.1.min~2024-02-22-09-44-26-000~cache.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

0350f968110abfe9b3ea50e9f4567d60d73942253d90a941b43f72f45b15a080

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bancastato.ch/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=493
Expires: Mon, 20 May 2024 14:24:49 GMT

GET
H2 200 it.json Show response
cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/8fe93efa-3bef-4db9-9778-25d301ef2761/ 33 KB
9 KB 57ms
57ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/8fe93efa-3bef-4db9-9778-25d301ef2761/it.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cbeed89b5d779fb21980ebb0e2a7cc57c9be30d8df0d486ffc9a11d2d89af67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 85655
content-md5: jCfw5RM7AJXnxdqt5JGncg==
content-length: 9292
x-ms-lease-status: unlocked
last-modified: Tue, 26 Mar 2024 14:07:27 GMT
server: cloudflare
etag: 0x8DC4D9E115BE907
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 18a6a095-001e-00a9-6186-7ff8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 886cef6e9db74bdf-MXP
expires: Tue, 21 May 2024 14:14:49 GMT

GET
H/1.1 200
OK icomoon.ttf
www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/fonts/ 57 KB
60 KB 25ms
24ms Font
application/x-font-ttf 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/fonts/icomoon.ttf?gvp6vc

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/style-integration~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

6aaea2e4447f9c01aa39e247f2c3a8b723e58c6895c751254401cf667853af6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/style-integration~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Thu, 21 Mar 2024 09:37:14 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/x-font-ttf;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=492
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 15:14:49 GMT

GET
H/1.1 200
OK SiteIntegrationLazyMain.cfg Show response
www.inlinea.ch/unblu/config/xmd1715950597226/all/it/null/de-CH/https$www.bancastato.ch/0PB5EOF5RnKfbCrL8wtEgw/null/null/null/ 14 KB
16 KB 44ms
44ms Script
application/javascript 217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/config/xmd1715950597226/all/it/null/de-CH/https$www.bancastato.ch/0PB5EOF5RnKfbCrL8wtEgw/null/null/null/SiteIntegrationLazyMain.cfg

Requested by

Host: www.inlinea.ch
URL: https://www.inlinea.ch/unblu/static/js/wp/xmd1712652403707/Initializer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

62386d8a8273031b38e78554c43a8aed04537629db132c6d1c7bdd51822a4988

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Apr 2024 08:46:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
cache-control: max-age=315532800,private
Connection: Keep-Alive
Keep-Alive: timeout=10, max=497
Content-Length: 14838
X-XSS-Protection: 1; mode=block
expires: Sat, 20 May 2034 14:14:49 GMT

GET
H/1.1 200
OK SiteIntegrationLazyMain.js Show response
www.inlinea.ch/unblu/static/js/wp/xmd1712652403707/ 720 KB
722 KB 23ms
23ms Script
application/javascript 217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/static/js/wp/xmd1712652403707/SiteIntegrationLazyMain.js

Requested by

Host: www.inlinea.ch
URL: https://www.inlinea.ch/unblu/static/js/wp/xmd1712652403707/Initializer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

b4b37801b95c0da035a6222a14b883cee80b755b9566ba73f773181ab11e6733

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000
Connection: Keep-Alive
Content-Length: 737718
X-XSS-Protection: 1; mode=block
last-modified: Wed, 20 Apr 2022 16:21:22 GMT
Server: Apache
vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
cache-control: max-age=315532800,public
accept-ranges: bytes
Keep-Alive: timeout=10, max=496
expires: Mon, 17 Apr 2034 09:37:02 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 9 KB
3 KB 35ms
34ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: RBOFTcRPmF4yYR6XnULb3g==
age: 86046
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2626
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:29 GMT
server: cloudflare
etag: 0x8DC49752714CA86
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d152b9dc-f01e-002b-0286-7fb94f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 886cef6f0e504bdf-MXP

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/ 64 KB
13 KB 37ms
37ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ed759f9b0f407aa73df997bddf186c37a1927d2b0f8d2f7031067ecacf7581d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7tzHio7OPj2ZAFGPhlmmfg==
age: 86046
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12960
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:31 GMT
server: cloudflare
etag: 0x8DC497528076ACA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7a6ef5cb-001e-0000-0c86-7f3983000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 886cef6f0e524bdf-MXP

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 5 KB
2 KB 36ms
36ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: k7yGPxSf903pvrcZkZ/tnw==
age: 86046
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1738
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:30 GMT
server: cloudflare
etag: 0x8DC497527AB27B4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 229e3ba8-401e-0063-4086-7fa478000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 886cef6f0e564bdf-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 24 KB
4 KB 38ms
38ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
age: 86046
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f6640a67-601e-0074-2486-7f0d73000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 886cef6f0e574bdf-MXP

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
601 B 36ms
36ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 65429
x-ms-lease-status: unlocked
last-modified: Thu, 16 May 2024 19:34:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ceec4c6b-d01e-002b-2c09-a835d1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 886cef6f5d910e16-MXP

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
509 B 33ms
32ms Fetch
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 1289
x-ms-lease-status: unlocked
last-modified: Thu, 16 May 2024 19:34:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c0eb8d28-401e-002e-2c8a-a8c1ae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 886cef6f5eb54bdf-MXP

GET
H2 200 logo-bancastato.jpg
cdn.cookielaw.org/logos/19903376-321d-48e4-bb04-fdfea1137229/c2303ba0-e6e3-496d-bacd-dd6544c8ebc5/e16f1d0b-fbff-4a55-aa81-4e75fada0566/ 29 KB
29 KB 39ms
39ms Image
image/jpeg 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/19903376-321d-48e4-bb04-fdfea1137229/c2303ba0-e6e3-496d-bacd-dd6544c8ebc5/e16f1d0b-fbff-4a55-aa81-4e75fada0566/logo-bancastato.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81dcc945def619ab8a342b22cfb70f5a93d0d417b79370d3431bfc817404b7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3hKdS1s6mJfSa1LnziVGww==
age: 67704
content-length: 29372
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Wed, 24 May 2023 21:15:33 GMT
server: cloudflare
etag: 0x8DB5C9C03105952
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 1092566a-201e-0091-6034-615c31000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 886cef6f6dae0e16-MXP

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 33ms
33ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 May 2024 14:14:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 60627
x-ms-lease-status: unlocked
last-modified: Thu, 16 May 2024 19:34:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b59d8306-901e-0005-0c8d-a8b516000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 886cef6f6db10e16-MXP

GET
H/1.1 200
OK favicon.ico
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/ 1 KB
4 KB 23ms
22ms Other
image/x-icon 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

b73598b06d5b907f913068d2fcf34161aa1a9ce9ffb6681a912f106c53f94413

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: image/x-icon;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=491
Content-Length: 1150
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 15:14:49 GMT

GET
H/1.1 200
OK favicon.ico
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/ 1 KB
0 0ms
0ms Other
image/x-icon 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

b73598b06d5b907f913068d2fcf34161aa1a9ce9ffb6681a912f106c53f94413

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
X-Content-Type-Options: nosniff
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/x-icon;charset=UTF-8
Cache-Control: max-age=3600, public
Content-Length: 1150
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 15:14:49 GMT

GET
H/1.1 200
OK favicon-32x32.png
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/ 1 KB
4 KB 21ms
21ms Other
image/png 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/favicon-32x32.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

b20ce379151b1c1a67e47606231c8e4759ee83f10df06aa58cccb99627cbebd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bancastato.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:49 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: image/png;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=490
Content-Length: 1390
X-XSS-Protection: 1; mode=block
Expires: Mon, 20 May 2024 15:14:49 GMT

POST
H/1.1 200
OK update Show response
www.inlinea.ch/unblu/rpc/visitorTracking/ 286 B
2 KB 33ms
33ms XHR
application/unblu-serialized-object 217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/rpc/visitorTracking/update?xvh=x-unblu-client~INITIAL*x-unblu-page~INITIAL*x-unblu-apikey~0PB5EOF5RnKfbCrL8wtEgw*x-unblu-referer~aHR0cHM6Ly93d3cuYmFuY2FzdGF0by5jaC8%253D*x-unblu-locale~it*x-unblu-timezone~Europe%252FZurich*content-type~application%252Funblu-serialized-object

Requested by

Host: www.inlinea.ch
URL: https://www.inlinea.ch/unblu/static/js/wp/xmd1712652403707/SiteIntegrationLazyMain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

a53399627b4aee2378868a684faa414242e72bde3113f78cbd2de8af4a890ad2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain; charset=UTF-8
Accept: application/unblu-serialized-object
Referer: https://www.bancastato.ch/
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 14:14:52 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
X-Content-Type-Options: nosniff
strict-transport-security: max-age=31536000
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
pragma: no-cache
Server: Apache
x-unblu-start-time: 1712652403707
X-Frame-Options: SAMEORIGIN
Content-Type: application/unblu-serialized-object; charset=UTF-8
access-control-allow-origin: https://www.bancastato.ch
access-control-expose-headers: x-unblu-page, x-unblu-client, x-unblu-set-cookie
cache-control: no-cache, no-store, must-revalidate, max-age=1
access-control-allow-credentials: true
Keep-Alive: timeout=10, max=495
expires: Sun, 19 May 2024 14:14:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prd-analytics.bancastato.ch
URL: https://prd-analytics.bancastato.ch/error_path/400.html?al_req_id=Zkta2dG6QI-F1aMW1_mvqQAAAUQ

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bancastato.ch/	1969-12-31 23:59:59	Name: AL_SESS-S Value: AYUb9ukaMPA7MRRLl!4oRLu0d_c8V1snKwbKyebqPjqPzE7L4bivixwbvXIIrWOrkcFY
prd-analytics.bancastato.ch/	1969-12-31 23:59:59	Name: AL_SESS-S Value: AR2gCY0hhh05L2KaEFo1Zvcbtmu7CkT9IqWBwez9aO8tPrDBSCl0cPbGvukEZdlcIOLA
www.inlinea.ch/	1970-01-21 06:19:34	Name: x-unblu-device Value: $xc/dNki7DLpPyDHghyMlNNrmoRdQ5!pTqklTzMMwmHuXKeumLex
www.bancastato.ch/	1970-01-21 06:09:29	Name: _pk_id.1.8629 Value: 5c7036ca20d0d545.1716214489.1.1716214489.1716214489.
www.bancastato.ch/	1970-01-20 20:43:36	Name: _pk_ses.1.8629 Value: 1
.www.bancastato.ch/	1970-01-21 05:29:10	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+May+20+2024+16%3A14%3A49+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&landingPath=https%3A%2F%2Fwww.bancastato.ch%2F&groups=C0004%3A0%2CC0003%3A0%2CC0002%3A0%2CC0001%3A1&hosts=H3%3A1%2CH7%3A1%2CH9%3A1%2CH2%3A0%2CH5%3A1&genVendors=

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.bancastato.ch/(Line 1945) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bancastato.ch/(Line 1945) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bancastato.ch/(Line 1945) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bancastato.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bancastato.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bancastato.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.bancastato.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
geolocation.onetrust.com
prd-analytics.bancastato.ch
www.bancastato.ch
www.inlinea.ch
prd-analytics.bancastato.ch
217.26.33.63
217.26.33.87
2606:4700:4400::ac40:9b77
2606:4700::6813:b234
0166fcc93e70f0cc0d0e262b6d0bce75d7b0308062206192d6ff502f97401812
0350f968110abfe9b3ea50e9f4567d60d73942253d90a941b43f72f45b15a080
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0ed759f9b0f407aa73df997bddf186c37a1927d2b0f8d2f7031067ecacf7581d
0fea4ae61a79845e734c5df1c00ea48b1c35cda64f9abf9cab2642d381cb1040
10eae1e0c8623ca5379a5e9e06012355bab8d235e39813d94e03a50bf8c075dd
11ebc0e2ec3e972f3bcecd1aa31e3a6167654dc76b0f8d93c2069712175eddeb
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
1e19bb616cbb7296fcd63fb3ca0fd2feb036c75672819ba3485f96de052b2918
22af2cb27167705fe5fb843dc6f737bdae9be8751437754e5145c2d87ba05dd0
2cbeed89b5d779fb21980ebb0e2a7cc57c9be30d8df0d486ffc9a11d2d89af67
2e85693143ed79c585888f5763d4b0c848b365a3a5c6d3e6b4b025f3e1bd5dc5
3ca390e599307e3d3c40ce26738c025d3363f9956d18918de74b29ae5d33903d
465b2c629f5df9e676ab35968ddf7fde988646e1b0b0dfa5ae8fb83600946d7b
49f7cd749db705c8a8d211cd8a4eef6e9d2f892fa41e419cd872d80071566c91
537884db9cf4c5b2089d63a2a22852ec9b3737f254e20b2f64f4c651cc897f26
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
62386d8a8273031b38e78554c43a8aed04537629db132c6d1c7bdd51822a4988
68c86f50b40b3d99996fe39978c93cf628563444dc8a19bcdbc65ffae2521ac0
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
6aaea2e4447f9c01aa39e247f2c3a8b723e58c6895c751254401cf667853af6d
6e858a5202e480d17bbc81eacc216943fb9c7eea727263e08f30cb5cc468bec8
6fe53b4d34110d4b8591196abda67dbb539b594613f352bc9aab10b55cf3c016
71a95f3047ec8c8ac3bbef725137ea93d9ea71d42b0a53fe434ee6e9c023bed7
7aa6b0e08f48a0f95d8df7ea89e4cbfe1ef3d1e8c0f7373f7f25edfb4e4a325e
7e13c30013899b6784ab280bdb537a991a0d97a7f5da27c1bc5c8d8f300cc586
7f7ff0ab36975126c2daa004e333a3f5854b59a80d9c437847f47d1079e6dc1b
81dcc945def619ab8a342b22cfb70f5a93d0d417b79370d3431bfc817404b7c6
898c0feba8555d248c7cf6068803736a3bcb3840ce3084de4ab881245c7e1446
8dea63df662b256f541b207be4e598aa7c28604f310aa5db11d8618c9c61cc34
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
902274bd47aefaa6d5445e26545afb9beb51be3235ba4328d0c03061a23d9ff8
9230df14164558edda90752e80110204d9ce145fbea632d969493e54ab333a70
9473418c10073c7b3f3f3f7bfe6bc3f640e3a091ebc4c39cd6f44420011b5912
a08dc4a032a37d5a242a110e0ee7f6c06e64ddcb60b2042453a2fdfd47af5778
a09f06112dbd7c5b56e46a65f2e8a85dd3def2e3829844c607d930aca0762f90
a4873963778e4f551c75d423b30652504b25cafa358b5e8c794183c43898fc6f
a53399627b4aee2378868a684faa414242e72bde3113f78cbd2de8af4a890ad2
a60fca9f3aad41fafcd49e04e9ae88519efece6aa485de11c418a6c034f06b0c
b20ce379151b1c1a67e47606231c8e4759ee83f10df06aa58cccb99627cbebd5
b4b37801b95c0da035a6222a14b883cee80b755b9566ba73f773181ab11e6733
b73598b06d5b907f913068d2fcf34161aa1a9ce9ffb6681a912f106c53f94413
cc45ca4ae13e6ad389e97d0e27c166830d4670ba81a3e5240caa8df9e24ae102
d870a2be4ceb379e084ef102f1b57e01d5026bdaa6549fcd9d5000cc2f975d0c
e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835
eda9e9de8160614499326480a28c0697dd04021d3c4ac63fe5736f0dc9b12761
ef83cb697d53e094cd0240d15be9e29e81557c8d4c9c212f1c2acc4cc2ca1ac8
f733ec258245b619fe5ea835141e8bee2e0b09e9e5de27fab7823fa97d71e4bb
fe2ee45b2e865d648dd94b3cb200d24cf31846741102d9384277daf326232f9b
fecc2245347d555069c65e9483037edb08b7c7d8b74d069c852fdb68eae293fe

www.bancastato.ch Open in urlscan Pro 217.26.33.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

96 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

4070 kBTransfer

5780 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bancastato.ch Open in urlscan Pro
217.26.33.87 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

4070 kB
Transfer

5780 kB
Size

6
Cookies

56 HTTP transactions
0 data transactions