GET
H/1.1
|
200
OK
|
Primary Request
/
Show response
www.bancastato.ch/
|
85 KB
89 KB
|
154ms
54ms
|
Document
text/html |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 06c0824e2cd9e063b095100a16c7eb6cca68026c6ed1ec6143e23d126e4eb8c4
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
all.min~2021-09-10-09-44-46-000~cache.css
www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/
|
576 KB
74 KB
|
44ms
31ms
|
Stylesheet
text/css |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-09-10-09-44-46-000~cache.css
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- d879c7b554f6817f03fa4aae7758362f4db390c4b0a8f024e1095272de3a4acd
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
style-integration~2021-09-10-09-44-46-000~cache.css
www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/
|
5 KB
5 KB
|
65ms
33ms
|
Stylesheet
text/css |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/style-integration~2021-09-10-09-44-46-000~cache.css
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- ef83cb697d53e094cd0240d15be9e29e81557c8d4c9c212f1c2acc4cc2ca1ac8
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
jquery-3.5.1.min~2021-09-10-09-44-46-000~cache.js
Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/
|
87 KB
34 KB
|
65ms
34ms
|
Script
application/javascript |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/jquery-3.5.1.min~2021-09-10-09-44-46-000~cache.js
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
visitor.js
Show response
www.bancastato.ch/unblu/
|
3 KB
7 KB
|
47ms
47ms
|
Script
application/javascript |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/unblu/visitor.js?x-unblu-apikey=MZsy5sFESYqU7MawXZgR_w
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- a3aea5ffa7fe580c38e005ee00f0ddd12dad0eb7bd3a6044fee2198192dcbbc9
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
visitor-api.min.js
Show response
www.bancastato.ch/unblu/static/js-api/xmd1636804826949/v2/
Redirect Chain
-
https://www.bancastato.ch/unblu/js-api/v2/visitor/visitor-api.min.js
-
https://www.bancastato.ch/unblu/static/js-api/xmd1636804826949/v2/visitor-api.min.js
|
38 KB
42 KB
|
147ms
33ms
|
Script
application/javascript |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/unblu/static/js-api/xmd1636804826949/v2/visitor-api.min.js
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 7653acc5d6673c260e37c47a461f686fcf9575302dc997381f7f9d20804ac4df
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
polyfill.min.js
Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/
|
3 KB
5 KB
|
63ms
32ms
|
Script
application/javascript |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/polyfill.min.js
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 9230df14164558edda90752e80110204d9ce145fbea632d969493e54ab333a70
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
logo-bancastato.svg
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/
|
6 KB
7 KB
|
35ms
33ms
|
Image
image/svg+xml |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/logo-bancastato.svg
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 7e13c30013899b6784ab280bdb537a991a0d97a7f5da27c1bc5c8d8f300cc586
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
Distanti%20ma%20vicini%201920x704-02.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/home/Distanti-ma-vicini-1920x704-02.jpg/jcr:content/
|
693 KB
698 KB
|
50ms
48ms
|
Image
image/jpeg |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/home/Distanti-ma-vicini-1920x704-02.jpg/jcr:content/Distanti%20ma%20vicini%201920x704-02.jpg
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- d93106f49a1739da6ce8b3fe932b9ba4a47ceff36bc055d3ee3ce278187b561b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
webserie.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/webserie.jpg/jcr:content/
|
672 KB
677 KB
|
175ms
54ms
|
Image
image/jpeg |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/webserie.jpg/jcr:content/webserie.jpg
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- d32053a5ea80422472cdac07705699bdc7a2f813105b6f2398f9f3d00f58e925
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
Arcobaleno%20Home.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Comunicazioni-alla-clientela/Arcobaleno-Home.jpg/jcr:content/
|
594 KB
598 KB
|
56ms
56ms
|
Image
image/jpeg |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Comunicazioni-alla-clientela/Arcobaleno-Home.jpg/jcr:content/Arcobaleno%20Home.jpg
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- a320cbdae8162e051a8d9dd91651eab0d4a1c5b76963c3ab748f37eaa243585a
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
mandato-pubblico-garanziaStato.jpg
www.bancastato.ch/dam/jcr:6661634e-0ccf-4c32-9d3e-8cce6d99acb5/
|
69 KB
73 KB
|
31ms
31ms
|
Image
image/jpeg |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/dam/jcr:6661634e-0ccf-4c32-9d3e-8cce6d99acb5/mandato-pubblico-garanziaStato.jpg
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 902274bd47aefaa6d5445e26545afb9beb51be3235ba4328d0c03061a23d9ff8
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
Evento-MuseoErba.jpg
www.bancastato.ch/dam/jcr:c5485a98-dcf8-41ef-8d7f-430e29b96064/
|
42 KB
46 KB
|
30ms
30ms
|
Image
image/jpeg |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/dam/jcr:c5485a98-dcf8-41ef-8d7f-430e29b96064/Evento-MuseoErba.jpg
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 14accac372c079031a177aa3c197557ab3910c8509e19d265ef834a867728c22
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
TiHome.jpg
www.bancastato.ch/dam/jcr:48260176-d42f-4f32-b1a7-1a1ac7a0e620/
|
76 KB
80 KB
|
43ms
42ms
|
Image
image/jpeg |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/dam/jcr:48260176-d42f-4f32-b1a7-1a1ac7a0e620/TiHome.jpg
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 22af2cb27167705fe5fb843dc6f737bdae9be8751437754e5145c2d87ba05dd0
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
logo-bancastato-white.svg
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/
|
6 KB
6 KB
|
53ms
52ms
|
Image
image/svg+xml |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/logo-bancastato-white.svg
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 0166fcc93e70f0cc0d0e262b6d0bce75d7b0308062206192d6ff502f97401812
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
ImmuniWeb.png
www.bancastato.ch/dam/jcr:79d37251-e67a-4fae-967e-a49abb7550e8/
|
12 KB
16 KB
|
53ms
53ms
|
Image
image/png |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/dam/jcr:79d37251-e67a-4fae-967e-a49abb7550e8/ImmuniWeb.png
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 400c8702da740e6b9745f282d62330208186580907d6056c95e8d4f9fa8c510a
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
all.min~2021-09-10-09-44-46-000~cache.js
Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/
|
751 KB
183 KB
|
28ms
28ms
|
Script
application/javascript |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/all.min~2021-09-10-09-44-46-000~cache.js
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 8b3a82734c5c082a749cd68798df62f555056621ea2f460f3f1049b8e88bdddf
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
matomo.js
Show response
prd-analytics.bancastato.ch/
|
66 KB
66 KB
|
147ms
56ms
|
Script
application/javascript |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://prd-analytics.bancastato.ch/matomo.js
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
/
www.bancastato.ch/
|
64 KB
64 KB
|
138ms
46ms
|
Image
text/html |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
FuturaBT-Medium.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/
|
49 KB
53 KB
|
75ms
48ms
|
Font
application/font-woff2 |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/FuturaBT-Medium.woff2
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-09-10-09-44-46-000~cache.css
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 7725847545e8e5bfe08e1f41aa34668c3c90e8f7a815310ac036c11d4fecb246
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
icomoon.ttf
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/
|
45 KB
49 KB
|
78ms
45ms
|
Font
application/x-font-ttf |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/icomoon.ttf?37muqp
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-09-10-09-44-46-000~cache.css
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- f08ef572b45ff277094c0bef2527b3589ba262c2de8381b777ab5e9f2f90e72c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
FuturaBT-Bold.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/
|
50 KB
54 KB
|
83ms
44ms
|
Font
application/font-woff2 |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/FuturaBT-Bold.woff2
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-09-10-09-44-46-000~cache.css
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 6a5b82a4ddd95e8efc2243e4902a29e41e24ab18831249994bc98eb87825e92e
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
roboto-medium-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/
|
19 KB
23 KB
|
79ms
36ms
|
Font
application/font-woff2 |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-medium-webfont.woff2
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-09-10-09-44-46-000~cache.css
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 180f7a7ef480678bbab7eb56bd1ea1d1f13a48355ba34845792f0f4582ec5a66
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
roboto-bold-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/
|
19 KB
23 KB
|
141ms
46ms
|
Font
application/font-woff2 |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-bold-webfont.woff2
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-09-10-09-44-46-000~cache.css
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 2c4181ff75a8e0b68afda47b2eb4fda8d2aa246863ce80236974f864e0e80a71
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
roboto-regular-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/
|
19 KB
23 KB
|
153ms
50ms
|
Font
application/font-woff2 |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-regular-webfont.woff2
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2021-09-10-09-44-46-000~cache.css
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 785f232e41bcaa1c4abbd2996db9263bd1a4a57fb0388a81ab77171898fb8411
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
Barra-bilancioSocialeAmbientale.jpg
www.bancastato.ch/dam/jcr:89549bf8-5a61-4e6f-b660-af5ee0e38b77/
|
120 KB
124 KB
|
35ms
34ms
|
Image
image/jpeg |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/dam/jcr:89549bf8-5a61-4e6f-b660-af5ee0e38b77/Barra-bilancioSocialeAmbientale.jpg
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 465b2c629f5df9e676ab35968ddf7fde988646e1b0b0dfa5ae8fb83600946d7b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
Initializer.js
Show response
www.bancastato.ch/unblu/static/js/wp/xmd1636804826949/
|
9 KB
13 KB
|
24ms
24ms
|
Script
application/javascript |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/unblu/static/js/wp/xmd1636804826949/Initializer.js
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/unblu/visitor.js?x-unblu-apikey=MZsy5sFESYqU7MawXZgR_w
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 38f9a47d2c8ed74618de71b48c78c2612493717320fb67413d3d82d4b13a2b38
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
matomo.php
prd-analytics.bancastato.ch/
|
43 B
375 B
|
271ms
271ms
|
Image
image/gif |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://prd-analytics.bancastato.ch/matomo.php?action_name=Homepage%20%7C%20www.bancastato.ch&idsite=1&rec=1&r=602166&h=17&m=21&s=25&url=https%3A%2F%2Fwww.bancastato.ch%2F&_id=d3248a873ef0daec&_idts=1644859285&_idvc=1&_idn=0&_refts=0&_viewts=1644859285&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200>_ms=85&pv_id=wJp8Mv
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
IPCheckServlet
Show response
www.bancastato.ch/
|
130 B
4 KB
|
82ms
47ms
|
XHR
text/html |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/IPCheckServlet?skp=t
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/jquery-3.5.1.min~2021-09-10-09-44-46-000~cache.js
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 3e61d024eb5d09c0b045fa30bc448343edb3e7394516e85f161b85160691537d
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
SiteIntegrationLazyMain.cfg
Show response
www.bancastato.ch/unblu/config/xmd1644855380870/all/it/de-DE/https$www.bancastato.ch/MZsy5sFESYqU7MawXZgR_w/null/null/
|
14 KB
18 KB
|
54ms
54ms
|
Script
application/javascript |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/unblu/config/xmd1644855380870/all/it/de-DE/https$www.bancastato.ch/MZsy5sFESYqU7MawXZgR_w/null/null/SiteIntegrationLazyMain.cfg
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/unblu/static/js/wp/xmd1636804826949/Initializer.js
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 1f647b499ceaf8e42326b6bbadb020cd33c978e2fe3bd17508399f1e0b6c76e9
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
SiteIntegrationLazyMain.js
Show response
www.bancastato.ch/unblu/static/js/wp/xmd1636804826949/
|
574 KB
578 KB
|
33ms
33ms
|
Script
application/javascript |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/unblu/static/js/wp/xmd1636804826949/SiteIntegrationLazyMain.js
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/unblu/static/js/wp/xmd1636804826949/Initializer.js
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 468f4802dc841c6a11b6a29421fbcc7b1997c8e45816ae918abc73480e137f77
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
POST
H/1.1
|
200
OK
|
rpc
Show response
www.bancastato.ch/unblu/
|
282 B
4 KB
|
81ms
80ms
|
XHR
application/unblu-serialized-object |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/unblu/rpc?xvh=x-unblu-client~INITIAL*x-unblu-page~INITIAL*x-unblu-apikey~MZsy5sFESYqU7MawXZgR_w*x-unblu-referer~aHR0cHM6Ly93d3cuYmFuY2FzdGF0by5jaC8%253D*x-unblu-locale~it*content-type~application%252Funblu-serialized-object
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/unblu/static/js/wp/xmd1636804826949/SiteIntegrationLazyMain.js
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- e60df326a2c05a0259b560b13a4334ed80f9d25384090b968ef1cf2731873deb
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
POST
H/1.1
|
200
OK
|
rpc
Show response
www.bancastato.ch/unblu/
|
282 B
4 KB
|
31ms
31ms
|
XHR
application/unblu-serialized-object |
217.26.33.87
BSOURCE-AS
|
|
General
- Full URL
- https://www.bancastato.ch/unblu/rpc?xvh=x-unblu-client~INITIAL*x-unblu-page~INITIAL*x-unblu-apikey~MZsy5sFESYqU7MawXZgR_w*x-unblu-referer~aHR0cHM6Ly93d3cuYmFuY2FzdGF0by5jaC8%253D*x-unblu-locale~it*content-type~application%252Funblu-serialized-object
- Requested by
- Host: www.bancastato.ch
URL: https://www.bancastato.ch/unblu/static/js/wp/xmd1636804826949/SiteIntegrationLazyMain.js
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, CHACHA20_POLY1305
- Server
-
217.26.33.87
, Switzerland,
ASN197312
(BSOURCE-AS, CH),
- Reverse DNS
- Software
-
Apache /
- Resource Hash
- 051444ec30afd29a9a8655c1b7378a847b473e04c137eba2f0a7892f586f024b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
Strict-Transport-Security |
max-age=31536000;includeSubDomains;preload |
X-Content-Security-Policy |
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.comhttps://code.jquery.com *.cloudfront.net ; connect-src 'self' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net ; img-src 'self' data: *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net ; style-src 'self' 'unsafe-inline' *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net ; frame-ancestors 'self' ; frame-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|