urlscan.io logo urlscan.io
SecurityTrails logo

id.css.ch Open in urlscan Pro
194.209.96.18  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Effective URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_...
Submission: On November 05 via manual from DE — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 156 HTTP transactions. The main IP is 194.209.96.18, located in Adligenswil, Switzerland and belongs to SWISSCOM Swisscom Switzerland Ltd, CH. The main domain is id.css.ch.
TLS certificate: Issued by SwissSign RSA TLS OV ICA 2022 - 1 on December 6th 2023. Valid for: a year.
This is the only time id.css.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
119 20.250.75.149 8075 (MICROSOFT...)
2 52.223.19.107 16509 (AMAZON-02)
1 2a02:26f0:278... 20940 (AKAMAI-ASN1)
1 2620:1ec:29:1... 8075 (MICROSOFT...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 31 194.209.96.18 3303 (SWISSCOM ...)
1 51.107.48.68 8075 (MICROSOFT...)
156 8
119    20.250.75.149 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
my.css.ch
2    52.223.19.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: a73d3afe8ff45acb7.awsglobalaccelerator.com
edge.api.flagsmith.com
1    2a02:26f0:2780:6::214:f58a (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
cssversicherung.scene7.com
1    2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    2a02:26f0:3500:592::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
31    194.209.96.18 (Adligenswil, Switzerland)

ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH)
PTR: id.css.ch
id.css.ch
1    51.107.48.68 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
switzerlandnorth-0.in.applicationinsights.azure.com
Apex Domain
Subdomains		 Transfer
150 css.ch
my.css.ch
id.css.ch
3 MB
2 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 591
switzerlandnorth-0.in.applicationinsights.azure.com
905 B
2 flagsmith.com
edge.api.flagsmith.com — Cisco Umbrella Rank: 39271
494 B
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 430
81 KB
1 scene7.com
cssversicherung.scene7.com
489 B
156 5
Domain Requested by
119 my.css.ch my.css.ch
31 id.css.ch 1 redirects my.css.ch
id.css.ch
2 edge.api.flagsmith.com my.css.ch
1 switzerlandnorth-0.in.applicationinsights.azure.com my.css.ch
1 assets.adobedtm.com my.css.ch
1 js.monitor.azure.com my.css.ch
1 cssversicherung.scene7.com my.css.ch
156 7

This site contains links to these domains. Also see Links.

Domain
my.css.ch
www.css.ch
Subject Issuer Validity Valid
my.css.ch
SwissSign RSA TLS OV ICA 2022 - 1		 2024-01-09 -
2025-01-09		 a year crt.sh
edge.api.flagsmith.com
Amazon RSA 2048 M02		 2024-09-23 -
2025-10-23		 a year crt.sh
*.scene7.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-09 -
2025-10-11		 a year crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-08-20 -
2025-08-15		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-09 -
2025-08-09		 a year crt.sh
id.css.ch
SwissSign RSA TLS OV ICA 2022 - 1		 2023-12-06 -
2024-12-06		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 07		 2024-09-16 -
2025-09-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
Frame ID: FD81D9ADBEEB10E2DF940DF27573B536
Requests: 154 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

myCSS Login

Page URL History Show full URLs

  1. https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/] Page URL
  2. https://id.css.ch/auth/oauth2/v3/css/authorize?client_id=css-login-portal&redirect_uri=https%3... HTTP 302
    https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-lo... Page URL

Page Statistics

156
Requests

99 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

8
IPs

4
Countries

3022 kB
Transfer

5092 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/] Page URL
  2. https://id.css.ch/auth/oauth2/v3/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de HTTP 302
    https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

156 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
]
my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ce65c5cad9c09cfe7b5cfa9cf9ecd36634c86a4bdf940379eca3ac1f516f9e6c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
content-type
text/html
date
Tue, 05 Nov 2024 07:40:52 GMT
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
expires
0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
pragma
no-cache
referrer-policy
origin
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
strict-transport-security
max-age=16070400
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
MuseoSans300-webfont.woff2
my.css.ch/assets/fonts/ 		17 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/assets/fonts/MuseoSans300-webfont.woff2
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
184d53ce0e02a39cd434b8dd66e2da3dd45c00bbc386ed2f3eaf4c2527c084ac
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
font/woff2
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length
17260
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
MuseoSans500-webfont.woff2
my.css.ch/assets/fonts/ 		17 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/assets/fonts/MuseoSans500-webfont.woff2
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26d51505332c23d6cbda9334670d7311bbb034572931905ecd97e7783a15c3db
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
font/woff2
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length
17620
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
MuseoSans300-Italic-webfont.woff2
my.css.ch/assets/fonts/ 		17 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/assets/fonts/MuseoSans300-Italic-webfont.woff2
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
88ca2a80f09237547350197e2027844849b74bbc085cb7abf4122ed169affafb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
font/woff2
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length
17716
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
MuseoSans500-Italic-webfont.woff2
my.css.ch/assets/fonts/ 		18 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/assets/fonts/MuseoSans500-Italic-webfont.woff2
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
226a231ce1028a60148cd1da305104b25ff215d590f90d9845f60e7dfd8ab1da
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
font/woff2
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length
18104
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-3YFVYWXW.js
my.css.ch/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-3YFVYWXW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d82b99405431cf56fe829099a8b1b80f5acb9154f868695f16389fd469b3e311
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-TU4V6GO3.js
my.css.ch/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-TU4V6GO3.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
072dce952d324a20e4471a10b487bdd701ff835834736fff2fc7bac57d00fcec
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-YADWKXEC.js
my.css.ch/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-YADWKXEC.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5908d20d80dfb1e7d4439e32e9d01ebeba369b1e0b2356f6dc9f3cb6b098bc13
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-DIG7F5SL.js
my.css.ch/ 		149 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-DIG7F5SL.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
28ebe5a6932c2c8f8c3761634e8332d90f49f848dc9f38a6a3bd9753830f7c93
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-LVS3S5BT.js
my.css.ch/ 		121 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-LVS3S5BT.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5b37573c4cea4afa7753109d68abdfb9c8b931774f63a6574050796cc932d11c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-ZJACKXS5.js
my.css.ch/ 		501 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-ZJACKXS5.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05895f416a0b579fbd32b1ae48adef14c484bc39e456875935091afdf2f608e2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-TFZP6K6V.js
my.css.ch/ 		91 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-TFZP6K6V.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d35b8a63b4c50986d13629ca8d07ece76516a1ac82014620564e00a66fd5c628
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NTM7U6YL.js
my.css.ch/ 		41 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-NTM7U6YL.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15f46f190b711c9e5c7a421970982bd139b905018a6076eaabce77a442fba41c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NV3RRLYD.js
my.css.ch/ 		504 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-NV3RRLYD.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
22e1f125be0d938d983795a27d25e16b5fac1e9976eaefe0e908167f00e3d185
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-FJERTZFX.js
my.css.ch/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-FJERTZFX.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b8c8b016ee484e2ba6f10f7078d29b488b457f44872486a679806cd93c9e653b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
polyfills-SGAWYHLJ.js
my.css.ch/ 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/polyfills-SGAWYHLJ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
16ccca0f9ed23a07eb7340d4cfbe70957f2a336894a4c01add83e6b5de200cdd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
scripts-XQ2ZVQBZ.js
my.css.ch/ 		452 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/scripts-XQ2ZVQBZ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90bbc7bfa7153c47da70a524c83aeeae78cf804215b177c2e042d63a664e193d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
main-HKNVWEBD.js
my.css.ch/ 		352 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/main-HKNVWEBD.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d913308c74ff88ec145a843ed56e8780bcd6f8ac86878d97c89e5e3a946be533
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
styles-4ZHU36RH.css
my.css.ch/ 		52 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/styles-4ZHU36RH.css
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b81b075c91ed26765a53525c38cc0ad19b8897557fab3e9da863a0e152c6bec8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/css
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-LA4XSSCA.js
my.css.ch/ 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-LA4XSSCA.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5e183bf0230af6c24771b37bd3b26da4f818ad4b080ba997ed597739c098133
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-JYNAKLAK.js
my.css.ch/ 		145 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-JYNAKLAK.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cfcc40c254fef61858d25fc23e32fa432d237b8ee8f9c6a7b11a2e2354ac0ad4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-5LIVX4UL.js
my.css.ch/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-5LIVX4UL.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
016066cb6ca8afebcff3661d04336d4aff7d8fe20134b465efdfdc674d882286
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-RCR4VISP.js
my.css.ch/ 		994 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-RCR4VISP.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ceed44f6f0e04f0c833058ca28de436d59f79b6601909cdb5ba94f46e8b4908
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-GLGRY2ZS.js
my.css.ch/ 		70 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-GLGRY2ZS.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c154d197e464480f3316f4cd2ddd796d7f912c677761fe66898b69b3f3ea53c7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-YVCUL27E.js
my.css.ch/ 		493 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-YVCUL27E.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cfa107bfae7cde15998ac6d7b1bb96b9bcc1868d7298a84c9e8840f7781adc7a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-QURNUXBH.js
my.css.ch/ 		353 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-QURNUXBH.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d6705475b2c9708f152f3bee91b28f295fd18ee18a1252b3d12ba604084c4296
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-P7FKOCP6.js
my.css.ch/ 		21 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-P7FKOCP6.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f8351d3661a9102eb2ef01bd10937f33db8549a8a0bb7b229c58221fd25addac
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-3G55OBUK.js
my.css.ch/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-3G55OBUK.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a18f7a9f6e93c40ffa210f95f78e3a7b009740adcc768409ee6cf391455181f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-VIE3REEE.js
my.css.ch/ 		861 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-VIE3REEE.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5d38f486e55a00bee980e41fe77040f552a36c86b00a5c2067e202002aa88fb8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-Q7QZFKYV.js
my.css.ch/ 		602 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-Q7QZFKYV.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1a2782e95d5c62323351881312d8dd6bdd4d97c8aeab8c1994d448a9154d2e92
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-MUCTRGO5.js
my.css.ch/ 		954 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-MUCTRGO5.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
39b6444ccb6b4c5713705230985ce09ec957eddfe8f3406d33a8deaf3c878b1a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-MLZTFEXR.js
my.css.ch/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-MLZTFEXR.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7142394817c675ee8120731593ec2446fa1b356f667b16a0f5e6fb7e22fc0ef8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-ADIUOXG2.js
my.css.ch/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-ADIUOXG2.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
610ad7e4ae4002639f1346f6cf2073f2c6d7a4c69a66ae7faa7f7735f24ee654
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-TSVWGLJ4.js
my.css.ch/ 		179 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-TSVWGLJ4.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
192053163d2559ec9db2f99d7d68208bfc684687b02c925b4113a45aa07599cd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-GFISOH4B.js
my.css.ch/ 		28 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-GFISOH4B.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1cbe4bd74f5f6004b39868c59e88d557414c0c2e43b1cf2322db931dfdff6fd9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-HGYR3YAA.js
my.css.ch/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-HGYR3YAA.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
df1fcfdd9a23081bdcb7c87282a304ccada75996f76c8a52dff2b85d7a7dcf86
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-BOKAOP5P.js
my.css.ch/ 		1011 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-BOKAOP5P.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
557cbb4c50130094c8196f72b1fb81dca2a189b7c634dcb61c622a7fc775e0f8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-VJSTHN4D.js
my.css.ch/ 		990 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-VJSTHN4D.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6c81e32c5aa593903034727c005baca43f1001a22dede80f3b4cc32a39620bf7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-6SZ5HNHN.js
my.css.ch/ 		412 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-6SZ5HNHN.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
431b53bc0b59996fb0e366bbc11f043768a7424898ff33b56e7280e3242d0416
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-OVPFVUVD.js
my.css.ch/ 		35 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-OVPFVUVD.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ec60f5d1e0bfbc46eafb5a232a09b09baa44a7f4dc5a7c561a22e3bd38a92203
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-XEIK4NRZ.js
my.css.ch/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-XEIK4NRZ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc655416a5bc292aa0991359817c697a815c4b2e260c0e57adcf82c95cacd97d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-BKAUDIFY.js
my.css.ch/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-BKAUDIFY.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f6f70bb0524d385e3ef43fc8544d39dab402543ec3b9f49d193454aa717bf1be
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NC7M5RGR.js
my.css.ch/ 		275 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-NC7M5RGR.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
98f372a0d9a66ca8783bcb994341a7c93e11b7b08127b5e97accf887c546cef8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-FDPJCPOI.js
my.css.ch/ 		728 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-FDPJCPOI.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f46e584963de2f770bbaa92db2c7c0a599f690080a662ce6aa427d11a0add24a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-7QRUBFSU.js
my.css.ch/ 		127 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-7QRUBFSU.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e8661df556423edb3997c425b1419a0dfee23f8d0f22c969e1ae3a43a90bc5b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-WJV3ONWF.js
my.css.ch/ 		643 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-WJV3ONWF.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6a68c312ae8568f12eb6dc688badd76c19d22c03d68dbc49d04be80d634175e9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-H42HCXHM.js
my.css.ch/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-H42HCXHM.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
061f6582c8c7059cbfedd4d14b4a335ae70f86cf39d7df978352f3f52d501052
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-PG7D5G6E.js
my.css.ch/ 		681 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-PG7D5G6E.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3ec157655035ef958b6cd9ebe022e63f170aa42501809028aaf0fac8e8f7ec0e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-UHWFQAQ6.js
my.css.ch/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-UHWFQAQ6.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90815b5eeddc92c54e521b0b1ff12ac054b89b4e29e78ddaed8d798fe16c6718
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NA4L5MJQ.js
my.css.ch/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-NA4L5MJQ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8b91a812c94233486d062a6510476b51ea3a032bbaabc8d4327fc1f8a654ab1e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-JI7NSE4M.js
my.css.ch/ 		531 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-JI7NSE4M.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0f048090b069ab26392baed509239646d4f8813abde957e339ab593449fc2148
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-YY67HOPT.js
my.css.ch/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-YY67HOPT.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9f9bb3f1fd4d830f37e9c5a8d9dd60db0b0976e5a15fc6cf57c5048854283307
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-SBAFDZOE.js
my.css.ch/ 		776 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-SBAFDZOE.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4efa4fa22601a7220a1600367c4ae713111414316db80b887654b7506225721f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-Z36GFMZH.js
my.css.ch/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-Z36GFMZH.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f9f4e1ce35a603d26c1c93d2c7313c7f2cdbd108f99c8abd54dc0d7f80b35e0a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-YLKVGCTE.js
my.css.ch/ 		402 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-YLKVGCTE.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0014e55ebe48336243785e3c70a872c70a39d09f325c3d9b43d84864f0a61c34
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4FH65VTK.js
my.css.ch/ 		348 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-4FH65VTK.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a13e4e44f1e337581a73d969f87849a93ebe0da6d9500b2739163330ecc4c019
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4CQS75DA.js
my.css.ch/ 		15 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-4CQS75DA.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2d1a0118645c8e707297d54daaf44b15cf78c4f2f63d256f48d47804e436258c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-JJALKP4I.js
my.css.ch/ 		117 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-JJALKP4I.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
79cedcd14d0101e867aa41d22d0680aa713de04905d39d3b64935087aa5a9d49
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-XH3LA2JS.js
my.css.ch/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-XH3LA2JS.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2379db5a897340ddc160d82fd701970ae646d34b6de5c73dd1387625ad7a315b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-EYBRYHII.js
my.css.ch/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-EYBRYHII.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
126b12c78d337d6247b1f3fbf7cb195039911ccbc64551b2429428b81482d0a7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-K365ZLXG.js
my.css.ch/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-K365ZLXG.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1580514002d86228269f6108537f4bd1db6f2f3996212bcf40b89435cde17ad1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-DCVKSSNQ.js
my.css.ch/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-DCVKSSNQ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3c4ce8981641154dbfe7a68600cc7c7c11b4198ee15ef76b99c56ce2a2018cf1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-AJCKD42K.js
my.css.ch/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-AJCKD42K.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
91e36ed66e84507c21a57bc10cc906c2012ba8f9b3a851e99973cf83c69d7ac8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-QE7GC5FW.js
my.css.ch/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-QE7GC5FW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d81527b5f1519ad673d919ccbaf4bb44a8b28ec08f970851d3df5492a7104396
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NMWWMBQ7.js
my.css.ch/ 		744 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-NMWWMBQ7.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2d6bcfc1d0869aa3f6f847e06410f71d7a9aea61737f5f7cc1d6e8f7dbd2a451
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-3BMUON7F.js
my.css.ch/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-3BMUON7F.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a32d9ebedc1d9ab36129dd76264f9ff7ecc2dc8bdfd7f3882b30384478cad481
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-X27VV5T4.js
my.css.ch/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-X27VV5T4.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
894e9b87fcf55d7746a8285f3d6b0b995069cae9e3b74a61130c2bf595354222
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4ANBMQIU.js
my.css.ch/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-4ANBMQIU.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2c98c0ec50f8ce7c2f551720a4e445de7e37560db0e476fd111c758672e941a6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4IVR7HUW.js
my.css.ch/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-4IVR7HUW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7bfd4e2e8b31979794e91060c7a1a580b2a2ae60dad7e004ca4b70da8aa4f4b6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-WV3DJHRO.js
my.css.ch/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-WV3DJHRO.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9609a8ac70dbddb006ba87d6845d8a728807871c45f4c7465313e6be5ec2b6ce
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4A6OO2TS.js
my.css.ch/ 		600 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-4A6OO2TS.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7a75152fb1cda675ec9124cb0190ce92bc2f39fb9d97699949f5e52d2a5e3d28
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-CQXC7XYX.js
my.css.ch/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-CQXC7XYX.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3597f71eb26f669c25e7d587f78c98241798d85151e7c1b9b2b64f07bbb26b3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-KXKNAG23.js
my.css.ch/ 		170 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-KXKNAG23.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1d68bc0df6ba8cc36e2e73af758efa0a033a9361b9c770f1e14eaa6a503e94cc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-MLXBECAH.js
my.css.ch/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-MLXBECAH.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8f34b495a2666db3e5a9eee845cd1199bbcc6da548da3575bb303d98fe3c1c88
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NXSIOXO7.js
my.css.ch/ 		946 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-NXSIOXO7.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
536eb69718a9972bc43cc2703f729e43a95ea59df05e45c7e4dbc9e54b4d8aa3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-QEZGSK5A.js
my.css.ch/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-QEZGSK5A.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2af656250fe22edeecd82d16430378f0f6570f72f56d58d87f785f00b6f20d3b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-W6KTNDTL.js
my.css.ch/ 		933 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-W6KTNDTL.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
638d3e709bf9a156f3401b64df23538475ae08772c8d15f3b9263ba26fc335ec
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-CV55CBCZ.js
my.css.ch/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-CV55CBCZ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c4dcaea690277ab181b40bbbe280aa5523eef5a3210bd9e177a5d69b96077483
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-GOYWMCPZ.js
my.css.ch/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-GOYWMCPZ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd1d878a8c74cdeb0d8362239d40873d24691d94f37b454cf1d24d56b80a476e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-2C4NEYVL.js
my.css.ch/ 		1022 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-2C4NEYVL.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73a51959b97b95d9ca1d037b0df0ae474e0a4180721ea16c6e5f07984ba7dcc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-D62NWLS6.js
my.css.ch/ 		541 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-D62NWLS6.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eff1e249de193e593201e73e4958d0594251a14940529bdb81419dfda23adb63
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4N22GXPW.js
my.css.ch/ 		99 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-4N22GXPW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8fc58a8e281eb5e7c778968a5dcffde546dfca1235da92cd7447ae43864bd911
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-GOKFTEF7.js
my.css.ch/ 		876 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-GOKFTEF7.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ecc40560fe1a9379b028cbff83fd74dae7fde982c8bf65332dab9cd996c5281
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-56CP5X7T.js
my.css.ch/ 		183 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-56CP5X7T.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d67f636a417e99fabe27fbd3510ccf652124bdee4bde1b95550b5a1948ab8656
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-DZJPTXXQ.js
my.css.ch/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-DZJPTXXQ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cf998c688e7709880b6f6b705156e61a0f9470d730c605ff962fb6a1458b5c19
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-AQNLQFPK.js
my.css.ch/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-AQNLQFPK.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6b3fef1e01af6453f7f9ab1e433e34520a2dcb06798e24b6e9881319c3c42f88
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-7I65L3DD.js
my.css.ch/ 		268 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-7I65L3DD.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b35d3f81ee048cc98f2e005fb16052ac49a0bc0f9e41d03f680b91aa4131769e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NBQQZFXX.js
my.css.ch/ 		195 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-NBQQZFXX.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2e74daf40163bd7bbf26e1b300b1f54b86bff72c8548d30ed15e0b2d451e2219
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-RMWCIN6Y.js
my.css.ch/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-RMWCIN6Y.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5877236ed7ea15230f0938211a9932cc1f162174dcd062a8a51c5380c9bf2159
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-OQ4NSU3H.js
my.css.ch/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-OQ4NSU3H.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e40bf4d94b62a21afd36d81778aec9a4c82e7e7644a2096a233b943dbc904b6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:52 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
config.json
my.css.ch/env/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/env/config.json
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8f34a992a8736e14af2d7934116f99c4dee509040aafd44961bd3197c48feb5c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
application/json
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
favicon.ico
my.css.ch/assets/images/ 		4 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/assets/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length
4286
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
/
edge.api.flagsmith.com/api/v1/flags/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edge.api.flagsmith.com/api/v1/flags/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.19.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a73d3afe8ff45acb7.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-environment-key
Access-Control-Request-Method
GET
Origin
https://my.css.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT
access-control-allow-origin
*
access-control-expose-headers
x-flagsmith-document-updated-at
access-control-max-age
86400
allow
GET, HEAD, OPTIONS
content-length
0
content-type
application/json
date
Tue, 05 Nov 2024 07:40:53 GMT
server
awselb/2.0
maintenance
cssversicherung.scene7.com/is/content/csskrankenversicherung/ 		995 B
489 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cssversicherung.scene7.com/is/content/csskrankenversicherung/maintenance?nocache=1730792453448
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:6::214:f58a , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
9364f0149d08c8ed0c02ca2aa7ca3421ff64e6213523572d3b4aedc54e95af47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Referer
https://my.css.ch/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
expires
Thu, 07 Nov 2024 07:40:53 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
259
date
Tue, 05 Nov 2024 07:40:53 GMT
akamai-grn
0.8cb61302.1730792453.47ebb14
content-type
text/css
last-modified
Wed, 30 Oct 2024 12:58:21 GMT
server
Unknown
x-akamai-cache
Miss
vary
Accept-Encoding
/
edge.api.flagsmith.com/api/v1/flags/ 		237 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.api.flagsmith.com/api/v1/flags/
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.19.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a73d3afe8ff45acb7.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash
690cb0ebca6dd6a3b53f49db24544b8a04f214502ce3d8d5fa00eb77b77e9d46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-environment-key
n4HwLXVeFZP6cuVh8bD3H7
Referer
https://my.css.ch/

Response headers

aws-lambda-region
eu-west-2
cache-control
max-age=0
access-control-expose-headers
x-flagsmith-document-updated-at
content-encoding
gzip
access-control-allow-credentials
true
x-flagsmith-document-updated-at
1729077519.437711
access-control-allow-methods
GET, POST, PUT
aws-resource-region
eu-west-2
access-control-allow-origin
*
content-length
149
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
application/json
server
awselb/2.0
access-control-allow-headers
*
ai.config.1.cfg.json
js.monitor.azure.com/scripts/b/ 		1 KB
905 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

x-azure-ref
20241105T074053Z-17985968b554cw8phC1FRAa39n0000000260000000008wh4
cache-control
public, max-age=1800, immutable, no-transform
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
141961c7-f01e-00eb-6461-2e55b3000000
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.config.1.0.0.cfg.json
access-control-allow-origin
*
x-cache
TCP_HIT
x-ms-meta-aijssdkver
1.0.0
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Tue, 02 Apr 2024 18:24:43 GMT
chunk-CYQC3HPW.js
my.css.ch/ 		911 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-CYQC3HPW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-HKNVWEBD.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eed9b7322dbd260bfcbc77c5d59608ee574cfb899571e8c767aabf5b60e85cdb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-5NNGL742.js
my.css.ch/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-5NNGL742.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/chunk-BOKAOP5P.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9daa4015cdaec2387671c536ac2cee3900bb8fc3a6e521df630b935b9bc44597
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
launch-a50a3ff59732.min.js
assets.adobedtm.com/091b5d609578/5e31050b4550/ 		297 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/091b5d609578/5e31050b4550/launch-a50a3ff59732.min.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-HKNVWEBD.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:592::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0dd60776bd46b3f2cc5ac8fd8c83687a585dc9ab01827ba66e77d5e173e02ecc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"680a2aa56e5d4ce2daabfa20af3a8905:1728894872.435769"
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 08:40:53 GMT
accept-ranges
bytes
access-control-allow-origin
https://my.css.ch
content-length
82193
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
application/x-javascript
last-modified
Mon, 14 Oct 2024 08:34:32 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
chunk-D3BOR742.js
my.css.ch/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-D3BOR742.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-HKNVWEBD.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef579426bc061fd2a183514d27fb9bbf3b469b96a0ca5a96bc1cbc1a9238555c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-IN3IU3PJ.js
my.css.ch/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-IN3IU3PJ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-HKNVWEBD.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7691c760a58fe672e9848ad70e7280a74e8d959732af304fd8410bc6e1819d0d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
de.json
my.css.ch/assets/translations/ 		225 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/assets/translations/de.json
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
637b598d985d8f033305531a3e7f5a857053ac634dc81cdbdfb07dfcc3826336
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

Request-Id
|6c4c1e4e917e4b2eaf81c3c9cc0e3983.4046e6974bfe4eac
traceparent
00-6c4c1e4e917e4b2eaf81c3c9cc0e3983-4046e6974bfe4eac-01
Referer
https://my.css.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
application/json
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-TB3RO23T.js
my.css.ch/ 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-TB3RO23T.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-HKNVWEBD.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
330166f33692f97ec629bc16eb857b3616529d4730e0a01112378161345eb836
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-HY4Z65LO.js
my.css.ch/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-HY4Z65LO.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-HKNVWEBD.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4da8ba784468aafc9253e469bfc65bcb24b563a4955eece94323f705a6027d5e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-UVPQCCNN.js
my.css.ch/ 		314 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-UVPQCCNN.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-HKNVWEBD.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee24b5d05b329ac14e1787082ba57c7d19096eedf1719097e6a9ac6da9e844f2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-TQ4PWLY6.js
my.css.ch/ 		358 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-TQ4PWLY6.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
df214c8e3e8cfa721b2ac8299d2028f81c0177d4770336bb8b56bc0a97365a84
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-KV44E6PI.js
my.css.ch/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-KV44E6PI.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2c67e619fb01f6f6aa73e5126a833c3889fbfea99b3ca04db3797f8889b40320
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-6S6PEYTS.js
my.css.ch/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-6S6PEYTS.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5168455ff7820985b6bc9c11bc5adc7596093b36548fcdf0b46e5fc0477fa02e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-ELXJWVOV.js
my.css.ch/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-ELXJWVOV.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1bd4b7e04abff29d239077c7fd636d3bfec49964477c5cad3e60680b81372b1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-WDULQVM5.js
my.css.ch/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-WDULQVM5.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
275cddc0880b7a9d03f66a85ef6525fb1b7780ea7806eeb6cf92d9ef76244a3c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-VIAFFMGR.js
my.css.ch/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-VIAFFMGR.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f60f3282038abb4560eed97e996cfdb374bd181723a8920f5ef8edbea9017df2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-Y5HRAEDL.js
my.css.ch/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-Y5HRAEDL.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
10766fdbe2e113c6e5a6caf5aa9a2ad82614c4a0ae7a1a3ede762d3ce3354866
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-3AZO6NNC.js
my.css.ch/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-3AZO6NNC.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
98b299b1218c62b9e296f1c5ed4308a82d6be4b4e5cc3ee7e821a6e7cf538129
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:54 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-P3J7X2M3.js
my.css.ch/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-P3J7X2M3.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0dc58d25242228dd90693c356fe4d29ed093a9228869cb3f7c043e5aabac9587
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-ICYPS5UY.js
my.css.ch/ 		161 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-ICYPS5UY.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c22ca8efc30163e25375c48945204171cc7d4c6315a86e16dfb969ace07c3130
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4UNNGYQJ.js
my.css.ch/ 		788 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-4UNNGYQJ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
60eba967f4e1dfb74edc2f89b33291167e1ac42e514ddd7f65e3b80beef18b89
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-UNLIRV2F.js
my.css.ch/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-UNLIRV2F.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89f8587e268e0631e765fcfd675abde72c2bd1fcc39ad1866ef72725511fa394
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-6DLAKGWN.js
my.css.ch/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-6DLAKGWN.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5bfd869785ce284ce9f8fde8b5c2b83853b67ea92a5610d512c6ce8f18018380
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-Q7SEXJE6.js
my.css.ch/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-Q7SEXJE6.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3619b7472c13c01f6f3eff44a483a014d7f79531eb35c1c73cc1e3f49440eee4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-RTXEKW2E.js
my.css.ch/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-RTXEKW2E.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e433a570a5db3c72e57a3b7e1f0ae98b47c22ae879f80bccb55f3fc82695fd9d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-GFJX2VPA.js
my.css.ch/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-GFJX2VPA.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5857c6764684bea35815d67c36ec1985770b6d3077d78081e2fa63d83bb981b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-EVK6WSOT.js
my.css.ch/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-EVK6WSOT.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/auth/id-IW36WF230266469[https://ducinaltum.siswiss.com/rego/regos/]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3747669064f918d6400c95cb86fb3cd6c7f94d1117f377470040eef9e99cf6dd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-VEXC3JUN.js
my.css.ch/ 		404 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-VEXC3JUN.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-HKNVWEBD.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26941ac1cce9e48241667eb3cfbe7a921ce046b7ecb5475bdb80cfebe3b052ed
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-45VV7TQN.js
my.css.ch/ 		952 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.css.ch/chunk-45VV7TQN.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-HKNVWEBD.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ece06f0c16a254f73ebcb97bff06c8f122c50c4bd73040435c09f68588c732d7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"01562623"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 07:40:53 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 13:41:39 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
self-openid-configuration
id.css.ch/auth/rest/oauth2/authorization-servers/css/.well-known/ 		1 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/rest/oauth2/authorization-servers/css/.well-known/self-openid-configuration
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
173d9fe05b29be9682dedd8034025e256b7fe31a83741fbd25ee3307f22c6a9b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/jwk-set+json, application/json
Referer
https://my.css.ch/

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
content-type
application/json;charset=UTF-8
vary
Origin,Accept-Encoding,User-Agent
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true, true
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://my.css.ch
content-length
1381
x-xss-protection
1; mode=block
server
Apache
track
switzerlandnorth-0.in.applicationinsights.azure.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://switzerlandnorth-0.in.applicationinsights.azure.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.48.68 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://my.css.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 05 Nov 2024 07:40:54 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
Primary Request authorize
id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/
Redirect Chain
  • https://id.css.ch/auth/oauth2/v3/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce...
  • https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+...
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
Requested by
Host: my.css.ch
URL: https://my.css.ch/chunk-LA4XSSCA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
2ecd659ad984742c2281470356ab45cfb7ee8eef901f22740d1a5939da2c9539
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; object-src 'none'; script-src 'nonce-OiK6G-bow1ziy_mdCsVjEcL60PFz-YdvXEBXM6v6Jao' 'strict-dynamic' 'self' *.cookiebot.com; img-src 'self' data:; connect-src 'self' *.css.ch *.cookiebot.com *.applicationinsights.azure.com; base-uri 'self'; frame-src 'self' *.cookiebot.com; frame-ancestors 'self' *.css.ch *.azurestaticapps.net *.azurewebsites.net *.cookiebot.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce; report-to csp-endpoint;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.css.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
cache-control
no-store, no-cache, must-revalidate
content-length
3194
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; object-src 'none'; script-src 'nonce-OiK6G-bow1ziy_mdCsVjEcL60PFz-YdvXEBXM6v6Jao' 'strict-dynamic' 'self' *.cookiebot.com; img-src 'self' data:; connect-src 'self' *.css.ch *.cookiebot.com *.applicationinsights.azure.com; base-uri 'self'; frame-src 'self' *.cookiebot.com; frame-ancestors 'self' *.css.ch *.azurestaticapps.net *.azurewebsites.net *.cookiebot.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce; report-to csp-endpoint;
content-type
text/html;charset=UTF-8
date
Tue, 05 Nov 2024 07:40:54 GMT
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
expires
0
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
referrer-policy
origin
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
server
Apache
strict-transport-security
max-age=16070400
vary
Origin,Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
cache-control
no-store, no-cache, must-revalidate
content-length
0
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; object-src 'none'; script-src 'nonce-ATlRICvCLQ4J_jbByZxcBKSr3nPwkSiwj0ckf-CNOdM' 'strict-dynamic' 'self' *.cookiebot.com; img-src 'self' data:; connect-src 'self' *.css.ch *.cookiebot.com *.applicationinsights.azure.com; base-uri 'self'; frame-src 'self' *.cookiebot.com; frame-ancestors 'self' *.css.ch *.azurestaticapps.net *.azurewebsites.net *.cookiebot.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce; report-to csp-endpoint;
content-type
text/plain;charset=utf-8
date
Tue, 05 Nov 2024 07:40:54 GMT
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
expires
0
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
last-modified
Tue, 05 Nov 2024 07:40:54 GMT
location
/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
referrer-policy
origin
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
server
Apache
strict-transport-security
max-age=16070400
vary
Origin,Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
track
switzerlandnorth-0.in.applicationinsights.azure.com/v2/ 		0
0
styles.08707b8b70dd5836.css
id.css.ch/auth/ui/ 		62 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/styles.08707b8b70dd5836.css
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
46b5e5251724cd6aad0a7dc21529b2a774318d07e4093c3aa275cc5d8fb03577
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"63539-1721227232000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Wed, 17 Jul 2024 14:40:32 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/css;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
63539
x-xss-protection
1; mode=block
server
Apache
iam.e8131b50722b3d67.js
id.css.ch/auth/ui/assets/airlock/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/assets/airlock/js/iam.e8131b50722b3d67.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
73d2de38c926993924a4df0afd4ec669364162bc69b0d02601096fddf4447340
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"6704-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
6704
x-xss-protection
1; mode=block
server
Apache
iam-custom.dd828a0acf5afdf7.js
id.css.ch/auth/ui/assets/custom/js/ 		361 KB
361 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
51ffc83ed743ac83bbaa31ff70205a8c8005e18fd33b181753a1589d162fa516
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"369676-1721227244000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Wed, 17 Jul 2024 14:40:44 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
369676
x-xss-protection
1; mode=block
server
Apache
runtime.a5fcb72dd38bddab.js
id.css.ch/auth/ui/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
dcde0aa43386104265e30aa734a2f7afc188bae7b872beaac115ba1f4a3fd3a4
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"6930-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
6930
x-xss-protection
1; mode=block
server
Apache
polyfills.44be6b6d8b1d9b4f.js
id.css.ch/auth/ui/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/polyfills.44be6b6d8b1d9b4f.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
25f0664272677a3f1de14a2800edecf83935da3a625e1441a4a7982bc947888a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"34163-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
34163
x-xss-protection
1; mode=block
server
Apache
scripts.36c7649c8b23686e.js
id.css.ch/auth/ui/ 		144 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/scripts.36c7649c8b23686e.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
18e190ecef8f0abab753ce7d080a9226db06ccd7ef307e7b23e3d1311aecabcc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"147746-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
147746
x-xss-protection
1; mode=block
server
Apache
main.574d81c245f99009.js
id.css.ch/auth/ui/ 		972 KB
973 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/main.574d81c245f99009.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=9d42ea4cce1f4a0db5eb062e3922b4a5&code_challenge=7RZpsF9Gfs1Z5sOhh9RRRP91cAXBTWSNWMh0UzTR8_w&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
467dfd94d2f3fc07b180873e78455d838d0a66763625bafee9c14a34968bdbdb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"995391-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
995391
x-xss-protection
1; mode=block
server
Apache
languages
id.css.ch/auth/rest/public/ui/ 		209 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/rest/public/ui/languages
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
7c4c0a94ac700318c75b02603c00637986f723b0eeaedac41c19cfcf07375b54
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://id.css.ch/
Pragma
no-cache
X-Same-Domain
1
Request-Id
|8051d05985854476b95c41f2fdf0bc79.5c7f792b505647e7
traceparent
00-8051d05985854476b95c41f2fdf0bc79-5c7f792b505647e7-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
expires
0
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 05 Nov 2024 07:40:54 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
application/vnd.api+json
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
no-store, no-cache, must-revalidate
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length
209
x-xss-protection
1; mode=block
server
Apache
common.a96369b7e9b73fc0.js
id.css.ch/auth/ui/ 		54 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/common.a96369b7e9b73fc0.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
28068ef87eebe9c924f5f8e6250a2c59138b2577e36882d8dda00396e64cec67
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"55555-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
55555
x-xss-protection
1; mode=block
server
Apache
4297.98b7be890ea6e9d4.js
id.css.ch/auth/ui/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/4297.98b7be890ea6e9d4.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
dc1979adbb5fcb8d71ad0a0808168555de5132eba802f5f0bf1b0bb3fbbde626
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"18902-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
18902
x-xss-protection
1; mode=block
server
Apache
MuseoSans300-webfont.6c49dff08d4f9398.woff2
id.css.ch/auth/ui/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/MuseoSans300-webfont.6c49dff08d4f9398.woff2
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/styles.08707b8b70dd5836.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
184d53ce0e02a39cd434b8dd66e2da3dd45c00bbc386ed2f3eaf4c2527c084ac
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"17260-1721227232000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Wed, 17 Jul 2024 14:40:32 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
font/woff2
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
17260
x-xss-protection
1; mode=block
server
Apache
de.json
id.css.ch/auth/ui/assets/airlock/i18n/ 		69 KB
69 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/assets/airlock/i18n/de.json
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
62319feb1bff066c27ee91e5b188c9a09e2c04c4cf6c6bb98e61fd3d5eb97d7f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Request-Id
|8051d05985854476b95c41f2fdf0bc79.314b0dfa39e743a5
traceparent
00-8051d05985854476b95c41f2fdf0bc79-314b0dfa39e743a5-01
Referer
https://id.css.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

etag
1296823158
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Wed, 28 Aug 2024 07:14:59 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
application/json;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=0
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length
70532
x-xss-protection
1; mode=block
server
Apache
8552.ed3caa7d7b2b6014.js
id.css.ch/auth/ui/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/8552.ed3caa7d7b2b6014.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
54d5a65ad73975ba4f32c410f6448a25ef4d35c801cc9ece1e856ff2569ca71e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"1724-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
1724
x-xss-protection
1; mode=block
server
Apache
6424.7bfbcdde6d729f35.js
id.css.ch/auth/ui/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/6424.7bfbcdde6d729f35.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
24bbac3376a3aaed9d1ee9c421ad5a4f736adfe1467e9afe1dfdeb04fc35c71e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"2996-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
2996
x-xss-protection
1; mode=block
server
Apache
flow
id.css.ch/auth/rest/public/authentication/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/rest/public/authentication/flow
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://id.css.ch/
Accept-Language
de
Pragma
no-cache
X-Same-Domain
1
Request-Id
|8051d05985854476b95c41f2fdf0bc79.ff76c5d47b644efc
traceparent
00-8051d05985854476b95c41f2fdf0bc79-ff76c5d47b644efc-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
expires
0
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 05 Nov 2024 07:40:54 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
no-store, no-cache, must-revalidate
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://id.css.ch
x-xss-protection
1; mode=block
server
Apache
favicon.ico
id.css.ch/auth/ui/assets/custom/img/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/assets/custom/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"4286-1721227234000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Wed, 17 Jul 2024 14:40:34 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
image/x-icon
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
4286
x-xss-protection
1; mode=block
server
Apache
authorize
id.css.ch/auth/rest/public/authentication/oauth2/authorization-servers/css/ 		191 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/rest/public/authentication/oauth2/authorization-servers/css/authorize
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
3c0ec58267f0923c6279795c1abad30b27154f07f29601f73e629c3ce22e2c92
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://id.css.ch/
Accept-Language
de
Pragma
no-cache
X-Same-Domain
1
Request-Id
|8051d05985854476b95c41f2fdf0bc79.f44ba5e152f74ae6
traceparent
00-8051d05985854476b95c41f2fdf0bc79-f44ba5e152f74ae6-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
expires
0
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 05 Nov 2024 07:40:54 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
application/vnd.api+json
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
no-store, no-cache, must-revalidate
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
www-authenticate
None
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://id.css.ch
content-length
191
x-xss-protection
1; mode=block
server
Apache
configuration
id.css.ch/auth/rest/public/authentication/ui/ 		322 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/rest/public/authentication/ui/configuration
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
552c17817677e145cbbf83e79e3e6bfbd403c280bf2aff2619103e336bb6edbf
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://id.css.ch/
Accept-Language
de
Pragma
no-cache
X-Same-Domain
1
Request-Id
|8051d05985854476b95c41f2fdf0bc79.022c9acc08b64d6d
traceparent
00-8051d05985854476b95c41f2fdf0bc79-022c9acc08b64d6d-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
expires
0
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 05 Nov 2024 07:40:54 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
application/vnd.api+json
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
no-store, no-cache, must-revalidate
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length
322
x-xss-protection
1; mode=block
server
Apache
3640.cc8aca638b28bfb0.js
id.css.ch/auth/ui/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/3640.cc8aca638b28bfb0.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
4e7bdec884dcc94de26fe95a6e32c0f5fd78a1c8f7aab28e10e9d7196affad29
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"11585-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
11585
x-xss-protection
1; mode=block
server
Apache
9756.5e6bd003b8bd1682.js
id.css.ch/auth/ui/ 		32 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/9756.5e6bd003b8bd1682.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
9b0e3b7118d9987303555e13b466c6ef4c9980792c3f1dd11a01d93263da9cd0
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"32785-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
32785
x-xss-protection
1; mode=block
server
Apache
6326.eaa140bfff4e957e.js
id.css.ch/auth/ui/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/6326.eaa140bfff4e957e.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
6dfb24e850f09de9e9d7575d093c1a11145a97b6fb251b0fc92352b876849910
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"12384-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
12384
x-xss-protection
1; mode=block
server
Apache
2076.d660fa4a4ed85bd6.js
id.css.ch/auth/ui/ 		29 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/2076.d660fa4a4ed85bd6.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
5180491ba74eee59c3454fc581cfbd1149c61bfb58adc812f15d3d27cdfe4a77
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"29533-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
29533
x-xss-protection
1; mode=block
server
Apache
1492.a68e584579b8c2e7.js
id.css.ch/auth/ui/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/1492.a68e584579b8c2e7.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
e59a6120cf307a7a6132078aeca04fe018d071237d30d39054872a049b9a12d1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"1735-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
1735
x-xss-protection
1; mode=block
server
Apache
configuration
id.css.ch/auth/rest/public/authentication/ui/ 		322 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/rest/public/authentication/ui/configuration
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
8fdfe28e551e2b033fc095d57ccb21b835e5bf956813cf486fd24497ac8f4ca7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://id.css.ch/
Accept-Language
de
Pragma
no-cache
X-Continue-Flow
true
X-Same-Domain
1
Request-Id
|8051d05985854476b95c41f2fdf0bc79.2cc4a4b61f6f4ad5
traceparent
00-8051d05985854476b95c41f2fdf0bc79-2cc4a4b61f6f4ad5-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
expires
0
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Tue, 05 Nov 2024 07:40:54 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
application/vnd.api+json
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
no-store, no-cache, must-revalidate
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length
322
x-xss-protection
1; mode=block
server
Apache
MuseoSans500-webfont.619169faeb3efa73.woff2
id.css.ch/auth/ui/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/MuseoSans500-webfont.619169faeb3efa73.woff2
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/styles.08707b8b70dd5836.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
26d51505332c23d6cbda9334670d7311bbb034572931905ecd97e7783a15c3db
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"17620-1721227232000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Wed, 17 Jul 2024 14:40:32 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
font/woff2
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
17620
x-xss-protection
1; mode=block
server
Apache
CSS_cyan_rgb.svg
id.css.ch/auth/ui/assets/custom/img/css-logo/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.css.ch/auth/ui/assets/custom/img/css-logo/CSS_cyan_rgb.svg?23937f236b3be9ee4a78
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
0cdb9ee0a9861e2c652dc044669c20fc744b65bf5dc0db0508dbd86df9bd5470
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"1282-1721227234000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Wed, 17 Jul 2024 14:40:34 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
image/svg+xml
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
1282
x-xss-protection
1; mode=block
server
Apache
CSS_125_siegel_dfi.svg
id.css.ch/auth/ui/assets/custom/img/css-logo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.css.ch/auth/ui/assets/custom/img/css-logo/CSS_125_siegel_dfi.svg?23937f236b3be9ee4a78
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
eb3dbfba8a4717a00537b58c42f7055a9ddfc38ba6e89d1829ca5caed793fc51
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"4346-1721227234000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Wed, 17 Jul 2024 14:40:34 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
image/svg+xml
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
4346
x-xss-protection
1; mode=block
server
Apache
favicon.ico
id.css.ch/auth/ui/assets/custom/img/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://id.css.ch/auth/ui/assets/custom/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"4286-1721227234000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Tue, 05 Nov 2024 07:40:54 GMT
last-modified
Wed, 17 Jul 2024 14:40:34 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
image/x-icon
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
4286
x-xss-protection
1; mode=block
server
Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
switzerlandnorth-0.in.applicationinsights.azure.com
URL
https://switzerlandnorth-0.in.applicationinsights.azure.com/v2/track

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| iam object| __tsUtils$gblCfg object| __dynProto$Gbl object| webpackChunkapp function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched boolean| __zone_symbol__ononscrollsnapchangepatched boolean| __zone_symbol__ononscrollsnapchangingpatched function| __zone_symbol__queueMicrotask object| Arrive number| uidEvent object| __zone_symbol__loadfalse object| __zone_symbol__resizefalse object| bootstrap object| Mustache function| _ object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse function| arrive function| unbindArrive function| leave function| unbindLeave function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

6 Cookies

Domain/Path Name / Value
my.css.ch/ Name: ai_user
Value: /O+TJhXzJGKeWsG9sh4FjZ|2024-11-05T07:40:53.676Z
my.css.ch/ Name: ai_session
Value: fgn/PsOizh42ByucArxGH+|1730792453768|1730792453768
.css.ch/ Name: CSS_SESS-S
Value: AeRHQtIX3QAI9T9ksagt_midgzVWx0XgReCuyPll3vdQRXFdP4o8cttx9EDOEGK6Ok0T
.css.ch/ Name: CSS_LB-S
Value: $xc/oGiWJkLz6H!Ifwj8UhbLEht7X2Qh!acSCovXXtzVUUQMlgZu
id.css.ch/ Name: ai_user
Value: 0FAtCYKvgflJHTbBMF25kB|2024-11-05T07:40:54.450Z
id.css.ch/ Name: ai_session
Value: kkiTRgE+v6B/gIGMeKp7Nv|1730792454457|1730792454457

15 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, sync-xhr, usb. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: autoplay, camera, encrypted-media, fullscreen, geolocation, microphone, midi, payment. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security error URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js(Line 1)
Message:
Refused to connect to 'https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json' because it violates the following Content Security Policy directive: "connect-src 'self' *.css.ch *.cookiebot.com *.applicationinsights.azure.com".
javascript error URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js(Line 1)
Message:
Refused to connect to 'https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json' because it violates the document's Content Security Policy.
network error URL: https://id.css.ch/auth/rest/public/authentication/oauth2/authorization-servers/css/authorize
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cssversicherung.scene7.com
edge.api.flagsmith.com
id.css.ch
js.monitor.azure.com
my.css.ch
switzerlandnorth-0.in.applicationinsights.azure.com
switzerlandnorth-0.in.applicationinsights.azure.com
194.209.96.18
20.250.75.149
2620:1ec:29:1::45
2a02:26f0:2780:6::214:f58a
2a02:26f0:3500:592::1e80
51.107.48.68
52.223.19.107
0014e55ebe48336243785e3c70a872c70a39d09f325c3d9b43d84864f0a61c34
016066cb6ca8afebcff3661d04336d4aff7d8fe20134b465efdfdc674d882286
05895f416a0b579fbd32b1ae48adef14c484bc39e456875935091afdf2f608e2
061f6582c8c7059cbfedd4d14b4a335ae70f86cf39d7df978352f3f52d501052
072dce952d324a20e4471a10b487bdd701ff835834736fff2fc7bac57d00fcec
0cdb9ee0a9861e2c652dc044669c20fc744b65bf5dc0db0508dbd86df9bd5470
0dc58d25242228dd90693c356fe4d29ed093a9228869cb3f7c043e5aabac9587
0dd60776bd46b3f2cc5ac8fd8c83687a585dc9ab01827ba66e77d5e173e02ecc
0e8661df556423edb3997c425b1419a0dfee23f8d0f22c969e1ae3a43a90bc5b
0f048090b069ab26392baed509239646d4f8813abde957e339ab593449fc2148
10766fdbe2e113c6e5a6caf5aa9a2ad82614c4a0ae7a1a3ede762d3ce3354866
126b12c78d337d6247b1f3fbf7cb195039911ccbc64551b2429428b81482d0a7
1580514002d86228269f6108537f4bd1db6f2f3996212bcf40b89435cde17ad1
15f46f190b711c9e5c7a421970982bd139b905018a6076eaabce77a442fba41c
16ccca0f9ed23a07eb7340d4cfbe70957f2a336894a4c01add83e6b5de200cdd
173d9fe05b29be9682dedd8034025e256b7fe31a83741fbd25ee3307f22c6a9b
184d53ce0e02a39cd434b8dd66e2da3dd45c00bbc386ed2f3eaf4c2527c084ac
18e190ecef8f0abab753ce7d080a9226db06ccd7ef307e7b23e3d1311aecabcc
192053163d2559ec9db2f99d7d68208bfc684687b02c925b4113a45aa07599cd
1a2782e95d5c62323351881312d8dd6bdd4d97c8aeab8c1994d448a9154d2e92
1cbe4bd74f5f6004b39868c59e88d557414c0c2e43b1cf2322db931dfdff6fd9
1d68bc0df6ba8cc36e2e73af758efa0a033a9361b9c770f1e14eaa6a503e94cc
1ecc40560fe1a9379b028cbff83fd74dae7fde982c8bf65332dab9cd996c5281
226a231ce1028a60148cd1da305104b25ff215d590f90d9845f60e7dfd8ab1da
22e1f125be0d938d983795a27d25e16b5fac1e9976eaefe0e908167f00e3d185
2379db5a897340ddc160d82fd701970ae646d34b6de5c73dd1387625ad7a315b
24bbac3376a3aaed9d1ee9c421ad5a4f736adfe1467e9afe1dfdeb04fc35c71e
25f0664272677a3f1de14a2800edecf83935da3a625e1441a4a7982bc947888a
26941ac1cce9e48241667eb3cfbe7a921ce046b7ecb5475bdb80cfebe3b052ed
26d51505332c23d6cbda9334670d7311bbb034572931905ecd97e7783a15c3db
275cddc0880b7a9d03f66a85ef6525fb1b7780ea7806eeb6cf92d9ef76244a3c
28068ef87eebe9c924f5f8e6250a2c59138b2577e36882d8dda00396e64cec67
28ebe5a6932c2c8f8c3761634e8332d90f49f848dc9f38a6a3bd9753830f7c93
2af656250fe22edeecd82d16430378f0f6570f72f56d58d87f785f00b6f20d3b
2c67e619fb01f6f6aa73e5126a833c3889fbfea99b3ca04db3797f8889b40320
2c98c0ec50f8ce7c2f551720a4e445de7e37560db0e476fd111c758672e941a6
2d1a0118645c8e707297d54daaf44b15cf78c4f2f63d256f48d47804e436258c
2d6bcfc1d0869aa3f6f847e06410f71d7a9aea61737f5f7cc1d6e8f7dbd2a451
2e74daf40163bd7bbf26e1b300b1f54b86bff72c8548d30ed15e0b2d451e2219
2ecd659ad984742c2281470356ab45cfb7ee8eef901f22740d1a5939da2c9539
330166f33692f97ec629bc16eb857b3616529d4730e0a01112378161345eb836
3619b7472c13c01f6f3eff44a483a014d7f79531eb35c1c73cc1e3f49440eee4
3747669064f918d6400c95cb86fb3cd6c7f94d1117f377470040eef9e99cf6dd
39b6444ccb6b4c5713705230985ce09ec957eddfe8f3406d33a8deaf3c878b1a
3c0ec58267f0923c6279795c1abad30b27154f07f29601f73e629c3ce22e2c92
3c4ce8981641154dbfe7a68600cc7c7c11b4198ee15ef76b99c56ce2a2018cf1
3ec157655035ef958b6cd9ebe022e63f170aa42501809028aaf0fac8e8f7ec0e
431b53bc0b59996fb0e366bbc11f043768a7424898ff33b56e7280e3242d0416
443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74
467dfd94d2f3fc07b180873e78455d838d0a66763625bafee9c14a34968bdbdb
46b5e5251724cd6aad0a7dc21529b2a774318d07e4093c3aa275cc5d8fb03577
4da8ba784468aafc9253e469bfc65bcb24b563a4955eece94323f705a6027d5e
4e40bf4d94b62a21afd36d81778aec9a4c82e7e7644a2096a233b943dbc904b6
4e7bdec884dcc94de26fe95a6e32c0f5fd78a1c8f7aab28e10e9d7196affad29
4efa4fa22601a7220a1600367c4ae713111414316db80b887654b7506225721f
5168455ff7820985b6bc9c11bc5adc7596093b36548fcdf0b46e5fc0477fa02e
5180491ba74eee59c3454fc581cfbd1149c61bfb58adc812f15d3d27cdfe4a77
51ffc83ed743ac83bbaa31ff70205a8c8005e18fd33b181753a1589d162fa516
536eb69718a9972bc43cc2703f729e43a95ea59df05e45c7e4dbc9e54b4d8aa3
54d5a65ad73975ba4f32c410f6448a25ef4d35c801cc9ece1e856ff2569ca71e
552c17817677e145cbbf83e79e3e6bfbd403c280bf2aff2619103e336bb6edbf
557cbb4c50130094c8196f72b1fb81dca2a189b7c634dcb61c622a7fc775e0f8
5877236ed7ea15230f0938211a9932cc1f162174dcd062a8a51c5380c9bf2159
5908d20d80dfb1e7d4439e32e9d01ebeba369b1e0b2356f6dc9f3cb6b098bc13
5a18f7a9f6e93c40ffa210f95f78e3a7b009740adcc768409ee6cf391455181f
5b37573c4cea4afa7753109d68abdfb9c8b931774f63a6574050796cc932d11c
5bfd869785ce284ce9f8fde8b5c2b83853b67ea92a5610d512c6ce8f18018380
5d38f486e55a00bee980e41fe77040f552a36c86b00a5c2067e202002aa88fb8
60eba967f4e1dfb74edc2f89b33291167e1ac42e514ddd7f65e3b80beef18b89
610ad7e4ae4002639f1346f6cf2073f2c6d7a4c69a66ae7faa7f7735f24ee654
62319feb1bff066c27ee91e5b188c9a09e2c04c4cf6c6bb98e61fd3d5eb97d7f
637b598d985d8f033305531a3e7f5a857053ac634dc81cdbdfb07dfcc3826336
638d3e709bf9a156f3401b64df23538475ae08772c8d15f3b9263ba26fc335ec
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f
690cb0ebca6dd6a3b53f49db24544b8a04f214502ce3d8d5fa00eb77b77e9d46
6a68c312ae8568f12eb6dc688badd76c19d22c03d68dbc49d04be80d634175e9
6b3fef1e01af6453f7f9ab1e433e34520a2dcb06798e24b6e9881319c3c42f88
6c81e32c5aa593903034727c005baca43f1001a22dede80f3b4cc32a39620bf7
6dfb24e850f09de9e9d7575d093c1a11145a97b6fb251b0fc92352b876849910
7142394817c675ee8120731593ec2446fa1b356f667b16a0f5e6fb7e22fc0ef8
73a51959b97b95d9ca1d037b0df0ae474e0a4180721ea16c6e5f07984ba7dcc7
73d2de38c926993924a4df0afd4ec669364162bc69b0d02601096fddf4447340
7691c760a58fe672e9848ad70e7280a74e8d959732af304fd8410bc6e1819d0d
79cedcd14d0101e867aa41d22d0680aa713de04905d39d3b64935087aa5a9d49
7a75152fb1cda675ec9124cb0190ce92bc2f39fb9d97699949f5e52d2a5e3d28
7bfd4e2e8b31979794e91060c7a1a580b2a2ae60dad7e004ca4b70da8aa4f4b6
7c4c0a94ac700318c75b02603c00637986f723b0eeaedac41c19cfcf07375b54
88ca2a80f09237547350197e2027844849b74bbc085cb7abf4122ed169affafb
894e9b87fcf55d7746a8285f3d6b0b995069cae9e3b74a61130c2bf595354222
89f8587e268e0631e765fcfd675abde72c2bd1fcc39ad1866ef72725511fa394
8b91a812c94233486d062a6510476b51ea3a032bbaabc8d4327fc1f8a654ab1e
8ceed44f6f0e04f0c833058ca28de436d59f79b6601909cdb5ba94f46e8b4908
8f34a992a8736e14af2d7934116f99c4dee509040aafd44961bd3197c48feb5c
8f34b495a2666db3e5a9eee845cd1199bbcc6da548da3575bb303d98fe3c1c88
8fc58a8e281eb5e7c778968a5dcffde546dfca1235da92cd7447ae43864bd911
8fdfe28e551e2b033fc095d57ccb21b835e5bf956813cf486fd24497ac8f4ca7
90815b5eeddc92c54e521b0b1ff12ac054b89b4e29e78ddaed8d798fe16c6718
90bbc7bfa7153c47da70a524c83aeeae78cf804215b177c2e042d63a664e193d
91e36ed66e84507c21a57bc10cc906c2012ba8f9b3a851e99973cf83c69d7ac8
9364f0149d08c8ed0c02ca2aa7ca3421ff64e6213523572d3b4aedc54e95af47
9609a8ac70dbddb006ba87d6845d8a728807871c45f4c7465313e6be5ec2b6ce
98b299b1218c62b9e296f1c5ed4308a82d6be4b4e5cc3ee7e821a6e7cf538129
98f372a0d9a66ca8783bcb994341a7c93e11b7b08127b5e97accf887c546cef8
9b0e3b7118d9987303555e13b466c6ef4c9980792c3f1dd11a01d93263da9cd0
9daa4015cdaec2387671c536ac2cee3900bb8fc3a6e521df630b935b9bc44597
9f9bb3f1fd4d830f37e9c5a8d9dd60db0b0976e5a15fc6cf57c5048854283307
a13e4e44f1e337581a73d969f87849a93ebe0da6d9500b2739163330ecc4c019
a32d9ebedc1d9ab36129dd76264f9ff7ecc2dc8bdfd7f3882b30384478cad481
a3597f71eb26f669c25e7d587f78c98241798d85151e7c1b9b2b64f07bbb26b3
b35d3f81ee048cc98f2e005fb16052ac49a0bc0f9e41d03f680b91aa4131769e
b5857c6764684bea35815d67c36ec1985770b6d3077d78081e2fa63d83bb981b
b5e183bf0230af6c24771b37bd3b26da4f818ad4b080ba997ed597739c098133
b81b075c91ed26765a53525c38cc0ad19b8897557fab3e9da863a0e152c6bec8
b8c8b016ee484e2ba6f10f7078d29b488b457f44872486a679806cd93c9e653b
c154d197e464480f3316f4cd2ddd796d7f912c677761fe66898b69b3f3ea53c7
c1bd4b7e04abff29d239077c7fd636d3bfec49964477c5cad3e60680b81372b1
c22ca8efc30163e25375c48945204171cc7d4c6315a86e16dfb969ace07c3130
c4dcaea690277ab181b40bbbe280aa5523eef5a3210bd9e177a5d69b96077483
ce65c5cad9c09cfe7b5cfa9cf9ecd36634c86a4bdf940379eca3ac1f516f9e6c
cf998c688e7709880b6f6b705156e61a0f9470d730c605ff962fb6a1458b5c19
cfa107bfae7cde15998ac6d7b1bb96b9bcc1868d7298a84c9e8840f7781adc7a
cfcc40c254fef61858d25fc23e32fa432d237b8ee8f9c6a7b11a2e2354ac0ad4
d35b8a63b4c50986d13629ca8d07ece76516a1ac82014620564e00a66fd5c628
d6705475b2c9708f152f3bee91b28f295fd18ee18a1252b3d12ba604084c4296
d67f636a417e99fabe27fbd3510ccf652124bdee4bde1b95550b5a1948ab8656
d81527b5f1519ad673d919ccbaf4bb44a8b28ec08f970851d3df5492a7104396
d82b99405431cf56fe829099a8b1b80f5acb9154f868695f16389fd469b3e311
d913308c74ff88ec145a843ed56e8780bcd6f8ac86878d97c89e5e3a946be533
dc1979adbb5fcb8d71ad0a0808168555de5132eba802f5f0bf1b0bb3fbbde626
dc655416a5bc292aa0991359817c697a815c4b2e260c0e57adcf82c95cacd97d
dcde0aa43386104265e30aa734a2f7afc188bae7b872beaac115ba1f4a3fd3a4
dd1d878a8c74cdeb0d8362239d40873d24691d94f37b454cf1d24d56b80a476e
df1fcfdd9a23081bdcb7c87282a304ccada75996f76c8a52dff2b85d7a7dcf86
df214c8e3e8cfa721b2ac8299d2028f81c0177d4770336bb8b56bc0a97365a84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e433a570a5db3c72e57a3b7e1f0ae98b47c22ae879f80bccb55f3fc82695fd9d
e59a6120cf307a7a6132078aeca04fe018d071237d30d39054872a049b9a12d1
eb3dbfba8a4717a00537b58c42f7055a9ddfc38ba6e89d1829ca5caed793fc51
ec60f5d1e0bfbc46eafb5a232a09b09baa44a7f4dc5a7c561a22e3bd38a92203
ece06f0c16a254f73ebcb97bff06c8f122c50c4bd73040435c09f68588c732d7
ee24b5d05b329ac14e1787082ba57c7d19096eedf1719097e6a9ac6da9e844f2
eed9b7322dbd260bfcbc77c5d59608ee574cfb899571e8c767aabf5b60e85cdb
ef579426bc061fd2a183514d27fb9bbf3b469b96a0ca5a96bc1cbc1a9238555c
eff1e249de193e593201e73e4958d0594251a14940529bdb81419dfda23adb63
f46e584963de2f770bbaa92db2c7c0a599f690080a662ce6aa427d11a0add24a
f60f3282038abb4560eed97e996cfdb374bd181723a8920f5ef8edbea9017df2
f6f70bb0524d385e3ef43fc8544d39dab402543ec3b9f49d193454aa717bf1be
f8351d3661a9102eb2ef01bd10937f33db8549a8a0bb7b229c58221fd25addac
f9f4e1ce35a603d26c1c93d2c7313c7f2cdbd108f99c8abd54dc0d7f80b35e0a