urlscan.io logo urlscan.io
SecurityTrails logo

mcsl.stage.bnzk.ch Open in urlscan Pro
2001:1680:101:a62::2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mcsl.stage.bnzk.ch/
Effective URL: https://mcsl.stage.bnzk.ch/de/
Submission: On June 26 via automatic, source certstream-suspicious — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 15 HTTP transactions. The main IP is 2001:1680:101:a62::2, located in Switzerland and belongs to SOLNET, CH. The main domain is mcsl.stage.bnzk.ch.
TLS certificate: Issued by *.stage.bnzk.ch on September 25th 2023. Valid for: a year.
This is the only time mcsl.stage.bnzk.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    2001:1680:101:a62::2 (Switzerland)

ASN9044 (SOLNET, CH)
mcsl.stage.bnzk.ch
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2400:52e0:1e00::1080:1 (Germany)

ASN60068 (CDN77 _, GB)
plausible.io
2    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
Apex Domain
Subdomains		 Transfer
6 bnzk.ch
mcsl.stage.bnzk.ch
183 KB
2 gstatic.com
fonts.gstatic.com
45 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
166 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 11145
2 KB
1 google.ch
www.google.ch — Cisco Umbrella Rank: 23976
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 5
64 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
994 B
15 8
Domain Requested by
6 mcsl.stage.bnzk.ch 1 redirects mcsl.stage.bnzk.ch
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com mcsl.stage.bnzk.ch
www.googletagmanager.com
2 plausible.io mcsl.stage.bnzk.ch
plausible.io
1 www.google.ch mcsl.stage.bnzk.ch
1 www.google.com mcsl.stage.bnzk.ch
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com mcsl.stage.bnzk.ch
15 8

This site contains no links.

Subject Issuer Validity Valid
*.stage.bnzk.ch
*.stage.bnzk.ch		 2023-09-25 -
2024-09-24		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
plausible.io
R3		 2024-06-06 -
2024-09-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.ch
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mcsl.stage.bnzk.ch/de/
Frame ID: 9B62652A49766FDCE61DD4D2EF0909BF
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Startseite

Page URL History Show full URLs

  1. https://mcsl.stage.bnzk.ch/ HTTP 302
    https://mcsl.stage.bnzk.ch/de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • plausible\.io/js/plausible\.js

Page Statistics

15
Requests

67 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

399 kB
Transfer

908 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mcsl.stage.bnzk.ch/ HTTP 302
    https://mcsl.stage.bnzk.ch/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mcsl.stage.bnzk.ch/de/
Redirect Chain
  • https://mcsl.stage.bnzk.ch/
  • https://mcsl.stage.bnzk.ch/de/
45 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mcsl.stage.bnzk.ch/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1680:101:a62::2 , Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
nginx /
Resource Hash
244f0dfa95cf17e9b4c3b18d691f1b785697180c41628e7c54742c0d6f4d8ea4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-language
de
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Wed, 26 Jun 2024 09:02:41 GMT
referrer-policy
same-origin
server
nginx
vary
Accept-Encoding Accept-Encoding Cookie
x-content-type-options
nosniff

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Wed, 26 Jun 2024 09:02:41 GMT
location
/de/
referrer-policy
same-origin
server
nginx
vary
Accept-Language, Cookie
x-content-type-options
nosniff
css2
fonts.googleapis.com/ 		5 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@400;500;600;700&display=swap
Requested by
Host: mcsl.stage.bnzk.ch
URL: https://mcsl.stage.bnzk.ch/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
faf3d1513425cfc3c473f133ca07807059dc129ceabacb2f2110a1f9edcde876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Jun 2024 09:02:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 09:02:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jun 2024 09:02:41 GMT
plausible.js
plausible.io/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plausible.io/js/plausible.js
Requested by
Host: mcsl.stage.bnzk.ch
URL: https://mcsl.stage.bnzk.ch/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 09:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1079
cdn-cachedat
06/26/2024 08:49:08
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
10.0.1.5
alt-svc
h3=":443"; ma=2592000
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, max-age=3600
permissions-policy
interest-cohort=()
cdn-requestid
48c951adac3fafc09dd8e932368d0688
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
fotostudio-gurzelenstrasse-biel.jpg__1000x1000_q85_subsampling-2.jpg
mcsl.stage.bnzk.ch/media/thumbs/files/a2/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcsl.stage.bnzk.ch/media/thumbs/files/a2/fotostudio-gurzelenstrasse-biel.jpg__1000x1000_q85_subsampling-2.jpg
Requested by
Host: mcsl.stage.bnzk.ch
URL: https://mcsl.stage.bnzk.ch/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1680:101:a62::2 , Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
nginx /
Resource Hash
1d5c71e4670d171ac85609343a6d5d56bba6eabd33d16b3a0796b4773f5bb75a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mcsl.stage.bnzk.ch/de/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 09:02:41 GMT
last-modified
Tue, 25 Jun 2024 22:33:32 GMT
server
nginx
accept-ranges
bytes
etag
"667b45bc-16e79"
content-length
93817
content-type
image/jpeg
bundle.js
mcsl.stage.bnzk.ch/static/mcsl/bundle/ 		241 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcsl.stage.bnzk.ch/static/mcsl/bundle/bundle.js
Requested by
Host: mcsl.stage.bnzk.ch
URL: https://mcsl.stage.bnzk.ch/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1680:101:a62::2 , Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
nginx /
Resource Hash
d006301d3b19ab19e7cb6bce0bef3de107fe2190f975d0de96b1f3f5bb4d964c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mcsl.stage.bnzk.ch/de/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 09:02:41 GMT
content-encoding
gzip
last-modified
Tue, 25 Jun 2024 23:34:08 GMT
server
nginx
etag
W/"667b53f0-3c498"
vary
Accept-Encoding
content-type
application/javascript
gtm.js
www.googletagmanager.com/ 		232 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBTMC2G
Requested by
Host: mcsl.stage.bnzk.ch
URL: https://mcsl.stage.bnzk.ch/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
696b9101caff35140e8065c1fbd96322be3f9523f70f1b33d44956597fa9e6a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 09:02:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85529
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Jun 2024 09:02:41 GMT
footer-background.svg
mcsl.stage.bnzk.ch/static/mcsl/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcsl.stage.bnzk.ch/static/mcsl/img/footer-background.svg?871fe1669f37
Requested by
Host: mcsl.stage.bnzk.ch
URL: https://mcsl.stage.bnzk.ch/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1680:101:a62::2 , Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
nginx /
Resource Hash
426d9b2ef049e388da96dea3ecdbf4a5b5eb8e255a48c7394e9cf70b21d6f8a3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mcsl.stage.bnzk.ch/de/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 09:02:41 GMT
content-encoding
gzip
last-modified
Tue, 25 Jun 2024 23:08:45 GMT
server
nginx
etag
W/"667b4dfd-ae6"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_B2sl.woff2
fonts.gstatic.com/s/barlowsemicondensed/v15/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_B2sl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57ada345dc677b0b614d9f39e775fedde2d2ec49f29660654cbba52b1b5a2220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://mcsl.stage.bnzk.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:59:29 GMT
x-content-type-options
nosniff
age
64992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22908
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:53:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:59:29 GMT
wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2
fonts.gstatic.com/s/barlowsemicondensed/v15/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74ec7aa456249a38fb4826bd398c5ceb4fc82469ca304492a70af2b8500db605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://mcsl.stage.bnzk.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 15:05:12 GMT
x-content-type-options
nosniff
age
64649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22356
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 15:05:12 GMT
event
plausible.io/api/ 		2 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/plausible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Jun 2024 09:02:41 GMT
cdn-edgestorageid
1080
cdn-cachedat
06/26/2024 09:02:41
cdn-pullzone
682664
application
10.0.1.5
alt-svc
h3=":443"; ma=2592000
content-length
2
x-request-id
F9yCbODTpE4G6J0A3gia
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
x-plausible-dropped
1
cdn-requestid
33cf09d6c841ef31493ef39cec01cf85
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
destination
www.googletagmanager.com/gtag/ 		227 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-659730832&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBTMC2G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93d1776bde9cf9c6a7db47275b254cf626c999f75116de37be07c757fe8a8c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 09:02:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83947
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Jun 2024 09:02:42 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/659730832/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/659730832/?random=1719392562144&cv=11&fst=1719392562144&bg=ffffff&guid=ON&async=1&gtm=45be46o1z8898626352za201zb898626352&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcsl.stage.bnzk.ch%2Fde%2F&hn=www.googleadservices.com&frm=0&tiba=Startseite&npa=0&pscdl=noapi&auid=374281099.1719392562&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-659730832&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
bb19a2c36c31577d9dd41279611b49f10ab0a5957735f2584f9e31a24d77db5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 09:02:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1411
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/659730832/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/659730832/?random=1719392562144&cv=11&fst=1719392400000&bg=ffffff&guid=ON&async=1&gtm=45be46o1z8898626352za201zb898626352&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcsl.stage.bnzk.ch%2Fde%2F&hn=www.googleadservices.com&frm=0&tiba=Startseite&npa=0&pscdl=noapi&auid=374281099.1719392562&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLWNWdQBFQ-QhfLp6GbhIuPamp8KhCEg&random=1200156024&rmt_tld=0&ipr=y
Requested by
Host: mcsl.stage.bnzk.ch
URL: https://mcsl.stage.bnzk.ch/de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 09:02:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ch/pagead/1p-user-list/659730832/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-user-list/659730832/?random=1719392562144&cv=11&fst=1719392400000&bg=ffffff&guid=ON&async=1&gtm=45be46o1z8898626352za201zb898626352&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmcsl.stage.bnzk.ch%2Fde%2F&hn=www.googleadservices.com&frm=0&tiba=Startseite&npa=0&pscdl=noapi&auid=374281099.1719392562&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLWNWdQBFQ-QhfLp6GbhIuPamp8KhCEg&random=1200156024&rmt_tld=1&ipr=y
Requested by
Host: mcsl.stage.bnzk.ch
URL: https://mcsl.stage.bnzk.ch/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 09:02:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
mcsl.stage.bnzk.ch/static/favicon/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mcsl.stage.bnzk.ch/static/favicon/favicon.ico?v=42
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1680:101:a62::2 , Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
nginx /
Resource Hash
e7da736c980d8553a5b7fc3c603e6aa1ff6530b8f52f132e5fcda05263be488c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mcsl.stage.bnzk.ch/de/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 09:02:42 GMT
content-encoding
gzip
last-modified
Tue, 25 Jun 2024 23:08:45 GMT
server
nginx
etag
W/"667b4dfd-3aee"
vary
Accept-Encoding
content-type
image/x-icon

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage boolean| cms_edit_mode boolean| user_is_staff object| dataLayer function| plausible object| __SENTRY__ object| google_tag_manager object| google_tag_data object| GooglebQhCsO

3 Cookies

Domain/Path Name / Value
mcsl.stage.bnzk.ch/ Name: django_language
Value: de
.bnzk.ch/ Name: _gcl_au
Value: 1.1.374281099.1719392562
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff