www.bancastato.ch Open in urlscan Pro
217.26.33.87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bancastato.ch/
Effective URL:
https://www.bancastato.ch/
Submission: On October 15 via manual (October 15th 2021, 2:39:09 pm UTC) from CH — Scanned from DE

Summary HTTP 33 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 33 HTTP transactions. The main IP is 217.26.33.87, located in Switzerland and belongs to BSOURCE-AS, CH. The main domain is www.bancastato.ch.
TLS certificate: Issued by Thawte EV RSA CA 2018 on March 24th 2021. Valid for: a year.

This is the only time www.bancastato.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 34	217.26.33.87 217.26.33.87		197312 (BSOURCE-AS) (BSOURCE-AS)
33	1

34 217.26.33.87 (Switzerland) 1 redirects

ASN197312 (BSOURCE-AS, CH)

www.bancastato.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prd-analytics.bancastato.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	bancastato.ch 1 redirects www.bancastato.ch prd-analytics.bancastato.ch	4 MB
33	1

	Domain	Requested by
32	www.bancastato.ch	1 redirects www.bancastato.ch
2	prd-analytics.bancastato.ch	www.bancastato.ch
33	2

This site contains links to these domains. Also see Links.

Domain
www.inlinea.ch
www.instagram.com
www.facebook.com
portal.immuniweb.com

Subject Issuer	Validity	Valid
www.bancastato.ch Thawte EV RSA CA 2018	`2021-03-24` - `2022-03-29`	a year	crt.sh
prd-analytics.bancastato.ch Thawte RSA CA 2018	`2021-06-10` - `2022-06-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.bancastato.ch/
Frame ID: 83E110E40BF9F3325C28CECFE4F8F546
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Homepage | www.bancastato.ch

Page URL History Show full URLs

http://www.bancastato.ch/ HTTP 307
https://www.bancastato.ch/ Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

4064 kB
Transfer

5090 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.inlinea.ch/auth-avaloq/login
Title: E-banking

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bancastatoeventi/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bancastatoeventi/

Search URL Search Domain Scan URL

URL: https://portal.immuniweb.com/secure/seal/avaloq.com/LTL5TB/seal.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bancastato.ch/ HTTP 307
https://www.bancastato.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.bancastato.ch/unblu/js-api/v2/visitor/visitor-api.min.js HTTP 302
https://www.bancastato.ch/unblu/static/js-api/xmd1619108015598/v2/visitor-api.min.js

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.bancastato.ch/
Redirect Chain

http://www.bancastato.ch/
https://www.bancastato.ch/

85 KB
90 KB

104ms
35ms

Document
text/html

217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

db5686b4a3e4e297ddf2d4b444e4316d1f488f68a835bcbb702163ba97a4cb4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.bancastato.ch
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 15 Oct 2021 14:39:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Vary: Referer,User-Agent
Set-Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; Path=/; Secure; HttpOnly; SameSite=Lax
Content-Length: 87508
X-Magnolia-Registration: Registered
Cache-Control: max-age=600, public
Expires: Fri, 15 Oct 2021 23:49:02 JST
Last-Modified: Fri, 15 Oct 2021 21:00:27 JST
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=10, max=500
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8

Redirect headers

Location: https://www.bancastato.ch/
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK all.min~2021-08-31-16-13-20-000~cache.css
www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/ 576 KB
74 KB 62ms
33ms Stylesheet
text/css 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

d879c7b554f6817f03fa4aae7758362f4db390c4b0a8f024e1095272de3a4acd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Referer,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: text/css;charset=UTF-8
Expires: Sat, 15 Oct 2022 17:39:03 IDT
Cache-Control: max-age=31536000, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=499
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK style-integration~2021-08-31-16-13-20-000~cache.css
www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/ 5 KB
5 KB 69ms
34ms Stylesheet
text/css 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/style-integration~2021-08-31-16-13-20-000~cache.css

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

ef83cb697d53e094cd0240d15be9e29e81557c8d4c9c212f1c2acc4cc2ca1ac8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Referer,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: text/css;charset=UTF-8
Expires: Sat, 15 Oct 2022 16:39:03 CEST
Cache-Control: max-age=31536000, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=500
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK jquery-3.5.1.min~2021-08-31-16-13-20-000~cache.js Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/ 87 KB
34 KB 74ms
39ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/jquery-3.5.1.min~2021-08-31-16-13-20-000~cache.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Referer,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/javascript;charset=UTF-8
Expires: Sat, 15 Oct 2022 07:39:03 PDT
Cache-Control: max-age=31536000, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=500
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK Cookie set visitor.js Show response
www.bancastato.ch/unblu/ 3 KB
7 KB 47ms
47ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/unblu/visitor.js?x-unblu-apikey=MZsy5sFESYqU7MawXZgR_w

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

dd1ab6b0c43522f0cd6d9a0c9c7336c6c7906b2c4d1806c944824f40d1a7a18e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Referer,User-Agent
X-XSS-Protection: 1; mode=block
pragma: no-cache
Server: Apache
X-Frame-Options: SAMEORIGIN
x-unblu-start-time: 1619108015598
Content-Type: application/javascript;charset=UTF-8
expires: Thu, 14 Oct 2021 14:39:03 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=1
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Set-Cookie: x-unblu-device=$xc/yXjGvL_rYObpP840_eqXRrKBOSeGDlv_y0T3vWbJDg2qxuZ4; Path=/; Expires=Wed, 02 Nov 2089 17:53:10 GMT; Secure; HttpOnly; SameSite=None
Keep-Alive: timeout=10, max=498
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1

200
OK

visitor-api.min.js Show response
www.bancastato.ch/unblu/static/js-api/xmd1619108015598/v2/
Redirect Chain

https://www.bancastato.ch/unblu/js-api/v2/visitor/visitor-api.min.js
https://www.bancastato.ch/unblu/static/js-api/xmd1619108015598/v2/visitor-api.min.js

38 KB
42 KB

64ms
23ms

Script
application/javascript

217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/unblu/static/js-api/xmd1619108015598/v2/visitor-api.min.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7653acc5d6673c260e37c47a461f686fcf9575302dc997381f7f9d20804ac4df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 39344
X-XSS-Protection: 1; mode=block
last-modified: Tue, 06 Oct 2020 07:43:10 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/javascript;charset=UTF-8
expires: Wed, 15 Oct 2031 14:39:03 GMT
cache-control: max-age=315532800
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=495
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

Redirect headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 0
X-XSS-Protection: 1; mode=block
Server: Apache
X-Frame-Options: SAMEORIGIN
x-unblu-start-time: 1619108015598
Location: /unblu/static/js-api/xmd1619108015598/v2/visitor-api.min.js
expires: Fri, 15 Oct 2021 14:40:03 GMT
cache-control: max-age=60
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Set-Cookie: x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP; Path=/; Expires=Wed, 02 Nov 2089 17:53:10 GMT; Secure; HttpOnly; SameSite=None
Keep-Alive: timeout=10, max=499
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK polyfill.min.js Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/ 3 KB
5 KB 77ms
38ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/polyfill.min.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

9230df14164558edda90752e80110204d9ce145fbea632d969493e54ab333a70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Referer,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/javascript;charset=UTF-8
Expires: Sat, 16 Oct 2021 00:39:03 JST
Cache-Control: max-age=3600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=500
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK logo-bancastato.svg
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/ 6 KB
7 KB 29ms
27ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/logo-bancastato.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7e13c30013899b6784ab280bdb537a991a0d97a7f5da27c1bc5c8d8f300cc586

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Referer,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/svg+xml;charset=UTF-8
Expires: Fri, 15 Oct 2021 17:39:03 CEST
Cache-Control: max-age=3600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=499
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK MTB-1400x1080.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/MTB-1400x1080.jpg/jcr:content/ 825 KB
829 KB 55ms
53ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/MTB-1400x1080.jpg/jcr:content/MTB-1400x1080.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

48e9fd7ccb76ebbcd3a86b7b7d7432c6b22210ece7dae54f36162728828eee3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Vary: Referer,User-Agent
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/jpeg;charset=UTF-8
Expires: Fri, 15 Oct 2021 07:49:03 PDT
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=500
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK Arcobaleno%20Home.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Comunicazioni-alla-clientela/Arcobaleno-Home.jpg/jcr:content/ 594 KB
598 KB 138ms
49ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Comunicazioni-alla-clientela/Arcobaleno-Home.jpg/jcr:content/Arcobaleno%20Home.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

a320cbdae8162e051a8d9dd91651eab0d4a1c5b76963c3ab748f37eaa243585a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Vary: Referer,User-Agent
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/jpeg;charset=UTF-8
Expires: Fri, 15 Oct 2021 23:49:03 JST
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=498
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK vivi4.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Comunicazioni-alla-clientela/vivi4.jpg/jcr:content/ 861 KB
865 KB 52ms
52ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Comunicazioni-alla-clientela/vivi4.jpg/jcr:content/vivi4.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

49bdd39c89a062f0db4d167d56e7506c06853396b3d19998da400fd9a162b6c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Vary: Referer,User-Agent
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/jpeg;charset=UTF-8
Expires: Fri, 15 Oct 2021 16:49:03 CEST
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=497
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK mandato-pubblico-garanziaStato.jpg
www.bancastato.ch/dam/jcr:6661634e-0ccf-4c32-9d3e-8cce6d99acb5/ 69 KB
74 KB 32ms
32ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:6661634e-0ccf-4c32-9d3e-8cce6d99acb5/mandato-pubblico-garanziaStato.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

902274bd47aefaa6d5445e26545afb9beb51be3235ba4328d0c03061a23d9ff8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="mandato-pubblico-garanziaStato.jpg"
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 71164
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 22 Jul 2019 01:44:32 PDT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/jpeg;charset=UTF-8
Expires: Fri, 15 Oct 2021 07:49:03 PDT
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=494
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK Evento-MuseoErba.jpg
www.bancastato.ch/dam/jcr:c5485a98-dcf8-41ef-8d7f-430e29b96064/ 42 KB
46 KB 37ms
37ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:c5485a98-dcf8-41ef-8d7f-430e29b96064/Evento-MuseoErba.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

14accac372c079031a177aa3c197557ab3910c8509e19d265ef834a867728c22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="Evento-MuseoErba.jpg"
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 43038
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 22 Jul 2019 10:44:46 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/jpeg;charset=UTF-8
Expires: Fri, 15 Oct 2021 23:49:03 JST
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=498
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK TiHome.jpg
www.bancastato.ch/dam/jcr:48260176-d42f-4f32-b1a7-1a1ac7a0e620/ 76 KB
80 KB 32ms
32ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:48260176-d42f-4f32-b1a7-1a1ac7a0e620/TiHome.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

22af2cb27167705fe5fb843dc6f737bdae9be8751437754e5145c2d87ba05dd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="TiHome.jpg"
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 77860
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 22 Jul 2019 17:44:37 JST
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/jpeg;charset=UTF-8
Expires: Fri, 15 Oct 2021 17:49:03 IDT
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=496
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK logo-bancastato-white.svg
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/ 6 KB
7 KB 24ms
24ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/logo-bancastato-white.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

0166fcc93e70f0cc0d0e262b6d0bce75d7b0308062206192d6ff502f97401812

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Referer,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/svg+xml;charset=UTF-8
Expires: Fri, 15 Oct 2021 17:39:03 CEST
Cache-Control: max-age=3600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=493
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK ImmuniWeb.png
www.bancastato.ch/dam/jcr:79d37251-e67a-4fae-967e-a49abb7550e8/ 12 KB
16 KB 29ms
28ms Image
image/png 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:79d37251-e67a-4fae-967e-a49abb7550e8/ImmuniWeb.png

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

400c8702da740e6b9745f282d62330208186580907d6056c95e8d4f9fa8c510a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="ImmuniWeb.png"
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 12351
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Wed, 21 Jul 2021 08:15:20 PDT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/png;charset=UTF-8
Expires: Fri, 15 Oct 2021 07:49:03 PDT
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=497
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK all.min~2021-08-31-16-13-20-000~cache.js Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/ 751 KB
183 KB 38ms
38ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/all.min~2021-08-31-16-13-20-000~cache.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

47a1a3d90f765eaa658db23f614e587df3d20d6ea367c3b7826ee56bd7c81be3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Referer,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/javascript;charset=UTF-8
Expires: Sat, 15 Oct 2022 17:39:03 IDT
Cache-Control: max-age=31536000, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=499
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK matomo.js Show response
prd-analytics.bancastato.ch/ 66 KB
66 KB 157ms
31ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://prd-analytics.bancastato.ch/matomo.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Last-Modified: Thu, 21 Mar 2019 07:50:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "106ad-58495fc36da00"
Vary: Referer,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Content-Length: 67245
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
www.bancastato.ch/ 64 KB
64 KB 85ms
28ms Image
text/html 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Fri, 15 Oct 2021 21:00:27 JST
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Referer,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: text/html;charset=UTF-8
Expires: Fri, 15 Oct 2021 17:49:03 IDT
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=497
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK FuturaBT-Medium.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 49 KB
53 KB 45ms
34ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/FuturaBT-Medium.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7725847545e8e5bfe08e1f41aa34668c3c90e8f7a815310ac036c11d4fecb246

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.bancastato.ch
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 50014
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/font-woff2;charset=UTF-8
Expires: Sat, 16 Oct 2021 00:39:03 JST
Cache-Control: max-age=3600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=497
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK icomoon.ttf
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 45 KB
49 KB 52ms
37ms Font
application/x-font-ttf 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/icomoon.ttf?37muqp

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

f08ef572b45ff277094c0bef2527b3589ba262c2de8381b777ab5e9f2f90e72c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.bancastato.ch
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Vary: Referer,User-Agent
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/x-font-ttf;charset=UTF-8
Expires: Fri, 15 Oct 2021 18:39:03 IDT
Cache-Control: max-age=3600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=498
X-Content-Type-Options: nosniff
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK FuturaBT-Bold.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 50 KB
54 KB 49ms
32ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/FuturaBT-Bold.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

6a5b82a4ddd95e8efc2243e4902a29e41e24ab18831249994bc98eb87825e92e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.bancastato.ch
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 51680
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/font-woff2;charset=UTF-8
Expires: Fri, 15 Oct 2021 18:39:03 IDT
Cache-Control: max-age=3600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=498
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK roboto-medium-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 19 KB
23 KB 51ms
31ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-medium-webfont.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

180f7a7ef480678bbab7eb56bd1ea1d1f13a48355ba34845792f0f4582ec5a66

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.bancastato.ch
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 19716
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/font-woff2;charset=UTF-8
Expires: Fri, 15 Oct 2021 18:39:03 IDT
Cache-Control: max-age=3600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=500
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK roboto-bold-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 19 KB
23 KB 68ms
23ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-bold-webfont.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

2c4181ff75a8e0b68afda47b2eb4fda8d2aa246863ce80236974f864e0e80a71

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.bancastato.ch
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 19872
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/font-woff2;charset=UTF-8
Expires: Fri, 15 Oct 2021 17:39:03 CEST
Cache-Control: max-age=3600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=496
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK roboto-regular-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 19 KB
23 KB 100ms
26ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-regular-webfont.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

785f232e41bcaa1c4abbd2996db9263bd1a4a57fb0388a81ab77171898fb8411

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.bancastato.ch
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
Connection: keep-alive
Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-08-31-16-13-20-000~cache.css
Origin: https://www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 19652
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 31 Aug 2021 18:13:20 CEST
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/font-woff2;charset=UTF-8
Expires: Fri, 15 Oct 2021 08:39:03 PDT
Cache-Control: max-age=3600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=499
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK Barra-bilancioSocialeAmbientale.jpg
www.bancastato.ch/dam/jcr:89549bf8-5a61-4e6f-b660-af5ee0e38b77/ 120 KB
124 KB 23ms
23ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:89549bf8-5a61-4e6f-b660-af5ee0e38b77/Barra-bilancioSocialeAmbientale.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

465b2c629f5df9e676ab35968ddf7fde988646e1b0b0dfa5ae8fb83600946d7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="Barra-bilancioSocialeAmbientale.jpg"
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 123016
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 22 Jul 2019 17:44:50 JST
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/jpeg;charset=UTF-8
Expires: Fri, 15 Oct 2021 23:49:03 JST
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=496
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK Initializer.js Show response
www.bancastato.ch/unblu/static/js/wp/xmd1619108015598/ 9 KB
13 KB 23ms
23ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/unblu/static/js/wp/xmd1619108015598/Initializer.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/unblu/visitor.js?x-unblu-apikey=MZsy5sFESYqU7MawXZgR_w

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

38f9a47d2c8ed74618de71b48c78c2612493717320fb67413d3d82d4b13a2b38

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 9093
X-XSS-Protection: 1; mode=block
last-modified: Tue, 06 Oct 2020 08:00:44 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/javascript;charset=UTF-8
expires: Wed, 15 Oct 2031 14:39:03 GMT
cache-control: max-age=315532800
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=492
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK IPCheckServlet Show response
www.bancastato.ch/ 133 B
4 KB 144ms
143ms XHR
text/html 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/IPCheckServlet?skp=t

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/jquery-3.5.1.min~2021-08-31-16-13-20-000~cache.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

0b2f3ae66cca70b7916b7654ae7b24803409944b0d71a94942f4d5d99bb89082

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
Connection: keep-alive
Referer: https://www.bancastato.ch/
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bancastato.ch/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Referer,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: text/html;charset=UTF-8
Expires: Fri, 15 Oct 2021 17:49:03 IDT
Cache-Control: max-age=600, public
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=497
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK matomo.php
prd-analytics.bancastato.ch/ 43 B
401 B 290ms
289ms Image
image/gif 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd-analytics.bancastato.ch/matomo.php?action_name=Homepage%20%7C%20www.bancastato.ch&idsite=1&rec=1&r=011914&h=14&m=39&s=3&url=https%3A%2F%2Fwww.bancastato.ch%2F&_id=2ca015b3b837b485&_idts=1634308743&_idvc=1&_idn=0&_refts=0&_viewts=1634308743&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=85&pv_id=zQxCd4

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Referer,User-Agent
Connection: Keep-Alive
Content-Type: image/gif
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Keep-Alive: timeout=10, max=499
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK SiteIntegrationLazyMain.cfg Show response
www.bancastato.ch/unblu/config/xmd1634307485747/all/it/de-DE/https$www.bancastato.ch/MZsy5sFESYqU7MawXZgR_w/null/null/ 14 KB
18 KB 38ms
38ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/unblu/config/xmd1634307485747/all/it/de-DE/https$www.bancastato.ch/MZsy5sFESYqU7MawXZgR_w/null/null/SiteIntegrationLazyMain.cfg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/unblu/static/js/wp/xmd1619108015598/Initializer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

36aaf130fb2ee78d1886edd45bdf1711839cb847e3de43c11073e43039be2743

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP; _pk_id.1.8629=2ca015b3b837b485.1634308743.1.1634308743.1634308743.; _pk_ses.1.8629=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 14416
X-XSS-Protection: 1; mode=block
last-modified: Thu, 22 Apr 2021 16:13:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/javascript;charset=UTF-8
expires: Wed, 15 Oct 2031 14:39:03 GMT
cache-control: max-age=315532800
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=499
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

GET
H/1.1 200
OK SiteIntegrationLazyMain.js Show response
www.bancastato.ch/unblu/static/js/wp/xmd1619108015598/ 574 KB
578 KB 34ms
34ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/unblu/static/js/wp/xmd1619108015598/SiteIntegrationLazyMain.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/unblu/static/js/wp/xmd1619108015598/Initializer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

468f4802dc841c6a11b6a29421fbcc7b1997c8e45816ae918abc73480e137f77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bancastato.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.bancastato.ch/
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP; _pk_id.1.8629=2ca015b3b837b485.1634308743.1.1634308743.1634308743.; _pk_ses.1.8629=1
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Referer,User-Agent
Content-Length: 587816
X-XSS-Protection: 1; mode=block
last-modified: Tue, 06 Oct 2020 08:00:44 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/javascript;charset=UTF-8
expires: Wed, 15 Oct 2031 14:39:03 GMT
cache-control: max-age=315532800
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=498
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

POST
H/1.1 200
OK rpc Show response
www.bancastato.ch/unblu/ 282 B
4 KB 68ms
68ms XHR
application/unblu-serialized-object 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/unblu/rpc?xvh=x-unblu-client~INITIAL*x-unblu-page~INITIAL*x-unblu-apikey~MZsy5sFESYqU7MawXZgR_w*x-unblu-referer~aHR0cHM6Ly93d3cuYmFuY2FzdGF0by5jaC8%253D*x-unblu-locale~it*content-type~application%252Funblu-serialized-object

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/unblu/static/js/wp/xmd1619108015598/SiteIntegrationLazyMain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

e8707e8e089d324eb1c5d35f3c776b02f6e8fca57a3f3e373102ee22077e09f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.bancastato.ch
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP; _pk_id.1.8629=2ca015b3b837b485.1634308743.1.1634308743.1634308743.; _pk_ses.1.8629=1
Connection: keep-alive
Content-Length: 261
Pragma: no-cache
Host: www.bancastato.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain; charset=UTF-8
Accept: application/unblu-serialized-object
Cache-Control: no-cache
Referer: https://www.bancastato.ch/
Sec-Fetch-Site: same-origin
Accept: application/unblu-serialized-object
Referer: https://www.bancastato.ch/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

Date: Fri, 15 Oct 2021 14:39:03 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
x-unblu-start-time: 1619108015598
Connection: Keep-Alive
Vary: Referer,User-Agent
X-XSS-Protection: 1; mode=block
pragma: no-cache
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/unblu-serialized-object;charset=UTF-8
expires: Thu, 14 Oct 2021 14:39:03 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=1
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=496
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

POST
H/1.1 200
OK rpc Show response
www.bancastato.ch/unblu/ 282 B
4 KB 35ms
35ms XHR
application/unblu-serialized-object 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/unblu/static/js/wp/xmd1619108015598/SiteIntegrationLazyMain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

d9ffd772990159ad8ea3448b64d5c42e2f1539d531cb7d29ef48c57e87af7d06

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.bancastato.ch
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
Cookie: AL_SESS-S=AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV; x-unblu-device=$xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP; _pk_id.1.8629=2ca015b3b837b485.1634308743.1.1634308743.1634308743.; _pk_ses.1.8629=1
Connection: keep-alive
Content-Length: 261
Pragma: no-cache
Host: www.bancastato.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain; charset=UTF-8
Accept: application/unblu-serialized-object
Cache-Control: no-cache
Referer: https://www.bancastato.ch/
Sec-Fetch-Site: same-origin
Accept: application/unblu-serialized-object
Referer: https://www.bancastato.ch/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

Date: Fri, 15 Oct 2021 14:39:06 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
x-unblu-start-time: 1619108015598
Connection: Keep-Alive
Vary: Referer,User-Agent
X-XSS-Protection: 1; mode=block
pragma: no-cache
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: application/unblu-serialized-object;charset=UTF-8
expires: Thu, 14 Oct 2021 14:39:06 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=1
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Keep-Alive: timeout=10, max=495
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bancastato.ch/	1969-12-31 23:59:59	Name: AL_SESS-S Value: AZW28uBPTU6UBlHMMQhSG2oZOk2lFPN!3eXa4iBxl345LoCmAfL0IVsbbp4BX8K2!EeV
www.bancastato.ch/	1970-02-13 18:29:52	Name: x-unblu-device Value: $xc/bDDyge6GF_2bHBsK9tOLn77XhTm!rHOG_QrfeZ65x65Zc!JP
prd-analytics.bancastato.ch/	1969-12-31 23:59:59	Name: AL_SESS-S Value: AdRdtwaA9bSywI57decLedfaqNH_dj3OV7z!_dvpcv1eaAqf1qgLCzva3CzqsJNStA1t
www.bancastato.ch/	1970-01-20 07:24:23	Name: _pk_id.1.8629 Value: 2ca015b3b837b485.1634308743.1.1634308743.1634308743.
www.bancastato.ch/	1970-01-19 21:58:30	Name: _pk_ses.1.8629 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com .cloudfront.net ; connect-src 'self' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net ; img-src 'self' data: .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net ; style-src 'self' 'unsafe-inline' .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch *.cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

prd-analytics.bancastato.ch
www.bancastato.ch
217.26.33.87
0166fcc93e70f0cc0d0e262b6d0bce75d7b0308062206192d6ff502f97401812
0b2f3ae66cca70b7916b7654ae7b24803409944b0d71a94942f4d5d99bb89082
14accac372c079031a177aa3c197557ab3910c8509e19d265ef834a867728c22
180f7a7ef480678bbab7eb56bd1ea1d1f13a48355ba34845792f0f4582ec5a66
22af2cb27167705fe5fb843dc6f737bdae9be8751437754e5145c2d87ba05dd0
2c4181ff75a8e0b68afda47b2eb4fda8d2aa246863ce80236974f864e0e80a71
36aaf130fb2ee78d1886edd45bdf1711839cb847e3de43c11073e43039be2743
38f9a47d2c8ed74618de71b48c78c2612493717320fb67413d3d82d4b13a2b38
400c8702da740e6b9745f282d62330208186580907d6056c95e8d4f9fa8c510a
465b2c629f5df9e676ab35968ddf7fde988646e1b0b0dfa5ae8fb83600946d7b
468f4802dc841c6a11b6a29421fbcc7b1997c8e45816ae918abc73480e137f77
47a1a3d90f765eaa658db23f614e587df3d20d6ea367c3b7826ee56bd7c81be3
48e9fd7ccb76ebbcd3a86b7b7d7432c6b22210ece7dae54f36162728828eee3d
49bdd39c89a062f0db4d167d56e7506c06853396b3d19998da400fd9a162b6c8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6a5b82a4ddd95e8efc2243e4902a29e41e24ab18831249994bc98eb87825e92e
7653acc5d6673c260e37c47a461f686fcf9575302dc997381f7f9d20804ac4df
7725847545e8e5bfe08e1f41aa34668c3c90e8f7a815310ac036c11d4fecb246
785f232e41bcaa1c4abbd2996db9263bd1a4a57fb0388a81ab77171898fb8411
7e13c30013899b6784ab280bdb537a991a0d97a7f5da27c1bc5c8d8f300cc586
902274bd47aefaa6d5445e26545afb9beb51be3235ba4328d0c03061a23d9ff8
9230df14164558edda90752e80110204d9ce145fbea632d969493e54ab333a70
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
a320cbdae8162e051a8d9dd91651eab0d4a1c5b76963c3ab748f37eaa243585a
d879c7b554f6817f03fa4aae7758362f4db390c4b0a8f024e1095272de3a4acd
d9ffd772990159ad8ea3448b64d5c42e2f1539d531cb7d29ef48c57e87af7d06
db5686b4a3e4e297ddf2d4b444e4316d1f488f68a835bcbb702163ba97a4cb4c
dd1ab6b0c43522f0cd6d9a0c9c7336c6c7906b2c4d1806c944824f40d1a7a18e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835
e8707e8e089d324eb1c5d35f3c776b02f6e8fca57a3f3e373102ee22077e09f5
ef83cb697d53e094cd0240d15be9e29e81557c8d4c9c212f1c2acc4cc2ca1ac8
f08ef572b45ff277094c0bef2527b3589ba262c2de8381b777ab5e9f2f90e72c

www.bancastato.ch Open in urlscan Pro 217.26.33.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

4064 kBTransfer

5090 kBSize

5 Cookies

4 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bancastato.ch Open in urlscan Pro
217.26.33.87 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

4064 kB
Transfer

5090 kB
Size

5
Cookies

33 HTTP transactions
0 data transactions