www.card24.app Open in urlscan Pro
194.11.207.141 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.card24.app/de
Submission: On August 01 via manual (August 1st 2024, 2:27:56 pm UTC) from DE — Scanned from CH

Summary HTTP 63 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 63 HTTP transactions. The main IP is 194.11.207.141, located in Switzerland and belongs to SUNRISE, CH. The main domain is www.card24.app.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on December 18th 2023. Valid for: a year.

This is the only time www.card24.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	194.11.207.141 194.11.207.141	6730 (SUNRISE) (SUNRISE)
10	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:1c7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	66.235.152.221 66.235.152.221	16509 (AMAZON-02) (AMAZON-02)
63	8

43 194.11.207.141 (Switzerland)

ASN6730 (SUNRISE, CH)

www.card24.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1c7f (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-221.data.adobedc.net

cornerbanca.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	card24.app www.card24.app	239 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	174 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
1	omtrdc.net cornerbanca.tt.omtrdc.net	790 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1019	304 B
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 521	111 KB
63	7

	Domain	Requested by
43	www.card24.app	www.card24.app
10	cdn.cookielaw.org	www.card24.app cdn.cookielaw.org
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
1	cornerbanca.tt.omtrdc.net	assets.adobedtm.com
1	static.ads-twitter.com	assets.adobedtm.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	assets.adobedtm.com	www.card24.app
63	7

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
www.corner.ch
www.cornercard.ch
www.onetrust.com

Subject Issuer	Validity	Valid
www.card24.app DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-18` - `2025-01-17`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-10` - `2024-08-08`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.card24.app/de
Frame ID: 5E183858B902620EEBCD79009F89930E
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Card24

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

scrollreveal (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

scrollreveal(?:\.min)(?:\.js)

Page Statistics

63
Requests

94 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

613 kB
Transfer

1656 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/app/apple-store/id1573439042?pt=1602261&ct=c24PublicSite&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ch.corner.card.mobile.card24&referrer=utm_source%3DC24_publicSite%26utm_medium%3Dlink%26utm_campaign%3DC24_publicSite

Search URL Search Domain Scan URL

URL: https://www.corner.ch/de/legales/datenschutzerklarung/
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.cornercard.ch/de/legales/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request de Show response
www.card24.app/ 35 KB
12 KB 5861ms
92ms Document
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

08fc1e7620a1f3c1645bdcf45ea6aec45bf7d3ce898a86dc270b81ace1425f2d

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: public, max-age=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 9160
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Content-Type: text/html;charset=UTF-8
Date: Thu, 01 Aug 2024 14:27:41 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Thu, 01 Aug 2024 14:27:41 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET tiny-slider.css
www.card24.app/assets/libs/tiny-slider/ 0
0

GET style.css
www.card24.app/assets/ 0
0

GET
H/1.1 404
Not Found jquery-3.7.0.min.js
www.card24.app/assets/libs/ 0
0 288ms
132ms Script
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.card24.app/assets/libs/jquery-3.7.0.min.js

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:41 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=100

GET
H/1.1 404
Not Found tiny-slider.min.js
www.card24.app/assets/libs/tiny-slider/ 0
0 287ms
123ms Script
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.card24.app/assets/libs/tiny-slider/tiny-slider.min.js?v=2.9.3

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:41 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=100

GET
H/1.1 404
Not Found scrollreveal.min.js
www.card24.app/assets/libs/ 0
0 286ms
122ms Script
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.card24.app/assets/libs/scrollreveal.min.js

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:41 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=100

GET
H/1.1 404
Not Found script.js
www.card24.app/assets/ 0
0 298ms
135ms Script
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.card24.app/assets/script.js?v=1.2

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:41 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
www.card24.app/export/system/modules/ch.corner.landing/resources/js/vendors/ 87 KB
90 KB 392ms
106ms Script
application/javascript 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.card24.app/export/system/modules/ch.corner.landing/resources/js/vendors/jquery-3.6.0.min.js

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:42 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 Jun 2024 09:42:10 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: W/"89501-1717666930208"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 89501
X-XSS-Protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 1444ms
75ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2024 14:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Wbr2pAeg61Hfi+2FuD0cYA==
age: 82349
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Tue, 30 Jul 2024 06:13:33 GMT
server: cloudflare
etag: 0x8DCB05EBD67BCB8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b770ba1b-c01e-0011-2db1-e2a491000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ac682b2183e0a4f-AMS
expires: Thu, 01 Aug 2024 15:35:14 GMT

GET
H2 200 launch-e91170c99224.min.js Show response
assets.adobedtm.com/46c0f31671a9/83cffd013e0a/ 398 KB
111 KB 1543ms
89ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/46c0f31671a9/83cffd013e0a/launch-e91170c99224.min.js
Requested by: Host: www.card24.app
URL: https://www.card24.app/de
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 748bc6eeab7e931fadd29e92f39a5c2f376b8ff6d4afe36d72a8188a2f8c310e

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 14:27:43 GMT
content-encoding: gzip
last-modified: Thu, 25 Jul 2024 12:54:10 GMT
server: AkamaiNetStorage
etag: "3c82c252f91202bcb5b7b8381a955d05:1721912050.500224"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.card24.app
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 113415
expires: Thu, 01 Aug 2024 15:27:43 GMT

GET
H/1.1 404
Not Found card24-logo.svg
www.card24.app/assets/img/ 6 KB
6 KB 175ms
175ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/card24-logo.svg

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

b5bdb3a7aa57b58d1e3de4b7f15c62b22fd8524234d9c0fe346c6da559ff7900

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:42 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=99

GET
H/1.1 404
Not Found icon-arrow.svg
www.card24.app/assets/img/icons/ 6 KB
6 KB 90ms
89ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/icons/icon-arrow.svg

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

b5bdb3a7aa57b58d1e3de4b7f15c62b22fd8524234d9c0fe346c6da559ff7900

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:42 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=99

GET
H/1.1 404
Not Found app-store.png
www.card24.app/assets/img/ 3 KB
3 KB 141ms
140ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app-store.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:42 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=97

GET
H/1.1 404
Not Found play-store.png
www.card24.app/assets/img/ 3 KB
3 KB 140ms
139ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/play-store.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:42 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=98

GET
H/1.1 404
Not Found icon-clock.svg
www.card24.app/assets/img/icons/ 3 KB
3 KB 211ms
184ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/icons/icon-clock.svg

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:43 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=98

GET
H/1.1 404
Not Found icon-mb-pay.svg
www.card24.app/assets/img/icons/ 3 KB
3 KB 294ms
233ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/icons/icon-mb-pay.svg

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:43 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=95

GET
H/1.1 404
Not Found icon-lock.svg
www.card24.app/assets/img/icons/ 3 KB
3 KB 287ms
255ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/icons/icon-lock.svg

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:43 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=97

GET
H/1.1 404
Not Found app-screen1.png
www.card24.app/assets/img/app/screens/ 3 KB
3 KB 144ms
86ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/screens/app-screen1.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:44 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=94

GET
H/1.1 404
Not Found app-screen2.png
www.card24.app/assets/img/app/screens/ 6 KB
6 KB 450ms
270ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/screens/app-screen2.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

b5bdb3a7aa57b58d1e3de4b7f15c62b22fd8524234d9c0fe346c6da559ff7900

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:44 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=96

GET
H/1.1 404
Not Found app-screen3.png
www.card24.app/assets/img/app/screens/ 3 KB
3 KB 197ms
159ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/screens/app-screen3.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:45 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=95

GET
H/1.1 404
Not Found app-screen4.png
www.card24.app/assets/img/app/screens/ 3 KB
3 KB 243ms
159ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/screens/app-screen4.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:45 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=93

GET
H/1.1 404
Not Found app-screen5.png
www.card24.app/assets/img/app/screens/ 3 KB
3 KB 113ms
98ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/screens/app-screen5.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:45 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=94

GET
H/1.1 404
Not Found app-screen6.png
www.card24.app/assets/img/app/screens/ 3 KB
3 KB 347ms
294ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/screens/app-screen6.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:45 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=92

GET
H/1.1 404
Not Found app-screen7.png
www.card24.app/assets/img/app/screens/ 3 KB
3 KB 304ms
173ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/screens/app-screen7.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:46 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=93

GET
H/1.1 404
Not Found app-screen8.png
www.card24.app/assets/img/app/screens/ 3 KB
3 KB 300ms
165ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/screens/app-screen8.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:47 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=91

GET
H/1.1 404
Not Found media.jpg
www.card24.app/assets/img/ 3 KB
3 KB 308ms
248ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/media.jpg

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:47 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=92

GET
H/1.1 404
Not Found icon-arrow-wt.svg
www.card24.app/assets/img/icons/ 3 KB
3 KB 126ms
86ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/icons/icon-arrow-wt.svg

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:47 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=90

GET
H/1.1 404
Not Found app-section1.png
www.card24.app/assets/img/app/sections/ 6 KB
6 KB 105ms
102ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/sections/app-section1.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

b5bdb3a7aa57b58d1e3de4b7f15c62b22fd8524234d9c0fe346c6da559ff7900

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:47 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=91

GET
H/1.1 404
Not Found app-section2.png
www.card24.app/assets/img/app/sections/ 6 KB
6 KB 88ms
87ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/sections/app-section2.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

b5bdb3a7aa57b58d1e3de4b7f15c62b22fd8524234d9c0fe346c6da559ff7900

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:47 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=89

GET
H/1.1 404
Not Found app-section3.png
www.card24.app/assets/img/app/sections/ 3 KB
3 KB 134ms
97ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/sections/app-section3.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=88

GET
H/1.1 404
Not Found app-section4.png
www.card24.app/assets/img/app/sections/ 6 KB
6 KB 127ms
90ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/sections/app-section4.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

b5bdb3a7aa57b58d1e3de4b7f15c62b22fd8524234d9c0fe346c6da559ff7900

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=90

GET
H/1.1 404
Not Found app-section5.png
www.card24.app/assets/img/app/sections/ 6 KB
6 KB 122ms
85ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/sections/app-section5.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

b5bdb3a7aa57b58d1e3de4b7f15c62b22fd8524234d9c0fe346c6da559ff7900

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=96

GET
H/1.1 404
Not Found app-section6.png
www.card24.app/assets/img/app/sections/ 3 KB
3 KB 219ms
108ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/sections/app-section6.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=100

GET
H/1.1 404
Not Found app-section7.png
www.card24.app/assets/img/app/sections/ 3 KB
3 KB 220ms
109ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/sections/app-section7.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=100

GET
H/1.1 404
Not Found app-section8.png
www.card24.app/assets/img/app/sections/ 3 KB
3 KB 219ms
109ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app/sections/app-section8.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=100

GET tiny-slider.css
www.card24.app/assets/libs/tiny-slider/ 0
0

GET style.css
www.card24.app/assets/ 0
0

GET
H/1.1 404
Not Found concierge.png
www.card24.app/assets/img/popup/ 3 KB
3 KB 91ms
88ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/popup/concierge.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=95

GET
H/1.1 404
Not Found priority-pass.png
www.card24.app/assets/img/popup/ 3 KB
3 KB 86ms
84ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/popup/priority-pass.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=89

GET
H/1.1 404
Not Found pin-code.png
www.card24.app/assets/img/popup/ 6 KB
6 KB 89ms
82ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/popup/pin-code.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

b5bdb3a7aa57b58d1e3de4b7f15c62b22fd8524234d9c0fe346c6da559ff7900

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=87

GET
H/1.1 404
Not Found card-view.png
www.card24.app/assets/img/popup/ 3 KB
3 KB 110ms
108ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/popup/card-view.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=99

GET
H/1.1 404
Not Found password.png
www.card24.app/assets/img/popup/ 3 KB
3 KB 284ms
282ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/popup/password.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=99

GET
H/1.1 404
Not Found mastercard.svg
www.card24.app/assets/img/ 3 KB
3 KB 89ms
87ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/mastercard.svg

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=99

GET
H/1.1 404
Not Found visa.svg
www.card24.app/assets/img/ 3 KB
3 KB 88ms
86ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/visa.svg

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=88

GET
H2 200 018fecb7-6136-7166-9814-a1b18bfb8d85.json Show response
cdn.cookielaw.org/consent/018fecb7-6136-7166-9814-a1b18bfb8d85/ 4 KB
2 KB 731ms
253ms XHR
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/018fecb7-6136-7166-9814-a1b18bfb8d85/018fecb7-6136-7166-9814-a1b18bfb8d85.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45865d93b9bb7847a938d3238dd12fd97baebda9e1debb55636ad8430013b584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2024 14:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14562
content-md5: SNDwMMRWo7YFHPyONyKaXA==
content-length: 1544
x-ms-lease-status: unlocked
last-modified: Thu, 06 Jun 2024 13:00:43 GMT
server: cloudflare
etag: 0x8DC8628AC8B0171
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: aba63f0b-a01e-00e4-6500-ce8080000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ac682b7cf6a970c-AMS
expires: Fri, 02 Aug 2024 14:27:43 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 67 B
304 B 766ms
101ms XHR
application/json 2606:4700::6812:1c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e91e62490f19fae2907ddbfae2a95990ca18631d5386fa9de60311dd777ae4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 14:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8ac682beae42b89c-AMS
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/ 450 KB
109 KB 227ms
151ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc750f921cf29a7897435f868856c4c63e22f7fd66ac456a72ced5f6eca584e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2024 14:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FvJhOHkAv4E9FRANYIql4g==
age: 58672
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 111551
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:01:48 GMT
server: cloudflare
etag: 0x8DCA5E2E4131AEC
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1588e6db-901e-0002-1ccc-d79170000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ac682d24d010a4f-AMS

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 1016ms
310ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/46c0f31671a9/83cffd013e0a/launch-e91170c99224.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Aug 2024 14:27:48 GMT
document-policy: force-load-at-top
x-fb-server-load: 48
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=3, c=15, mss=1208, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: iuCjNwG9FlHEgN7y0wHSeIlY23VpxsLSfmdBcSQEaLa5Wwyv8YteIk7tLZEkhHtYhVgA6tO+xSRV36cQryIaDA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 216ms
86ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/46c0f31671a9/83cffd013e0a/launch-e91170c99224.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 14:27:48 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200164-IAD, cache-fra-etou8220133-FRA

POST
H2 200 delivery Show response
cornerbanca.tt.omtrdc.net/rest/v1/ 287 B
790 B 1266ms
94ms XHR
application/json 66.235.152.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cornerbanca.tt.omtrdc.net/rest/v1/delivery?client=cornerbanca&sessionId=5ea467aba2ef458d9187209bc63c2495&version=2.11.3

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/46c0f31671a9/83cffd013e0a/launch-e91170c99224.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.221 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-221.data.adobedc.net

Software

jag /

Resource Hash

cb40b2fa1859550eff9aa75b4ad4696022166ed175b5a2653ebc171ab1f713b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Aug 2024 14:27:49 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.card24.app
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: ff961d62-f9c7-4fe5-adee-62deb6dbb39b

GET
H/1.1 404
Not Found icon-arrow-wt.svg
www.card24.app/assets/img/icons/ 3 KB
3 KB 88ms
86ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/icons/icon-arrow-wt.svg

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=94

GET
H/1.1 404
Not Found app-store.png
www.card24.app/assets/img/ 3 KB
3 KB 229ms
225ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/app-store.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=86

GET
H/1.1 404
Not Found play-store.png
www.card24.app/assets/img/ 3 KB
3 KB 467ms
379ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/play-store.png

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=98

GET
H/1.1 404
Not Found card24-logo.svg
www.card24.app/assets/img/ 3 KB
3 KB 467ms
380ms Image
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.card24.app/assets/img/card24-logo.svg

Requested by

Host: www.card24.app
URL: https://www.card24.app/de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:48 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=98

GET
H2 200 1222377088255685 Show response
connect.facebook.net/signals/config/ 61 KB
12 KB 271ms
177ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1222377088255685?v=2.9.162&r=stable&domain=www.card24.app&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7ed603998c971dd943285665bc0b33424432c9d0352afdc37cff7122942ea0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Aug 2024 14:27:51 GMT
document-policy: force-load-at-top
x-fb-server-load: 60
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12561
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=3, c=30, mss=1208, tbw=64254, tp=-1, tpl=-1, uplat=3, ullat=-1
pragma: public
x-fb-debug: FmC2r1Tdi+W8qbNearJjJHcJqprwILKwSKgQB/vprIQGNmOPdShVGOoZdr1LK2Qcle7dsWetCk+0wkHhRKVhbg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 de.json Show response
cdn.cookielaw.org/consent/018fecb7-6136-7166-9814-a1b18bfb8d85/61e1e962-e073-47a6-b3ec-6232b8bee04e/ 61 KB
15 KB 107ms
97ms Fetch
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/018fecb7-6136-7166-9814-a1b18bfb8d85/61e1e962-e073-47a6-b3ec-6232b8bee04e/de.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66dd0de32b6a6bb087f8957dbf4df0f7d2847949ec66abaa75425d3d9a4b0d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2024 14:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14570
content-md5: yjwZvtx5LmCtVKbGbGFkgA==
content-length: 15426
x-ms-lease-status: unlocked
last-modified: Thu, 06 Jun 2024 13:00:45 GMT
server: cloudflare
etag: 0x8DC8628ADC88344
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5f3eee4a-a01e-0042-7711-b86a7d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ac682e7e819970c-AMS
expires: Fri, 02 Aug 2024 14:27:51 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/ 10 KB
3 KB 65ms
35ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3321757433351762495ef3452adf0fcefa179583f4409dd04815c710c5e45f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2024 14:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QrGbDK16KIT/uE8UajLm3Q==
age: 14570
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2707
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:01:41 GMT
server: cloudflare
etag: 0x8DCA5E2DF9C2343
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4fa08b70-801e-007b-0c72-d8f83a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ac682e90986970c-AMS

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/v2/ 64 KB
13 KB 65ms
36ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14a1fa4b518b9bcff7664518a2f8cd4d91205d82d58c87a9bf5553da729e3ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2024 14:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JTZWdvnWauI9zMn6VSrzxA==
age: 14570
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12886
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:01:43 GMT
server: cloudflare
etag: 0x8DCA5E2E0A8E6CB
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ce8aeda8-801e-0070-4f56-d8e04e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ac682e90987970c-AMS

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/ 24 KB
4 KB 64ms
35ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2024 14:27:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 9eusssrwoAzVOVsIadvhfQ==
age: 14570
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:01:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: faff50b1-301e-0100-2156-d8d5df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8ac682e90989970c-AMS

GET
H/1.1 404
Not Found favicon.ico
www.card24.app/assets/ 6 KB
5 KB 79ms
76ms Other
text/html 194.11.207.141
SUNRISE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.card24.app/assets/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.11.207.141 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

Software

Apache /

Resource Hash

b5bdb3a7aa57b58d1e3de4b7f15c62b22fd8524234d9c0fe346c6da559ff7900

Security Headers

Name	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.card24.app/de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 14:27:51 GMT
Content-Security-Policy: media-src 'self' blob: https://*.cornercard.ch/ https://*.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://*.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://*.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://*.hotjar.com https://*.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://*.cornercard.ch/ https://cdn.cookielaw.org/ https://*.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://*.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://*.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://*.card24.app https://ct.pinterest.com/ https://*.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 28 Nov 2022 11:55:08 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Keep-Alive: timeout=5, max=97

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
518 B 104ms
35ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2024 14:27:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 14571
x-ms-lease-status: unlocked
last-modified: Wed, 31 Jul 2024 06:32:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c31d346d-901e-00e7-393f-e38387000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8ac682eaab70970c-AMS

GET
H2 200 cornercard_ch.png
cdn.cookielaw.org/logos/12f788b1-06b3-4f8f-8e15-a0b4ffa680f0/cb80b77b-507e-4bef-8a3f-6b2cf30c81be/244e1e45-46c5-4cac-b0d0-c235a8b5bf27/ 17 KB
18 KB 102ms
80ms Image
image/png 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/12f788b1-06b3-4f8f-8e15-a0b4ffa680f0/cb80b77b-507e-4bef-8a3f-6b2cf30c81be/244e1e45-46c5-4cac-b0d0-c235a8b5bf27/cornercard_ch.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b09300f36b2b78302f4931749e6ec0837af16ea28f3f9a048a5d44c9f4fda8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2024 14:27:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: GSmPxdvHytcsuYcnfsMx9g==
age: 410
content-length: 17873
x-ms-lease-status: unlocked
last-modified: Fri, 10 Dec 2021 09:40:58 GMT
server: cloudflare
etag: 0x8D9BBC12B5FF402
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 36d2c625-101e-009a-5b18-7ca75a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ac682eabeb80a4f-AMS

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 107ms
85ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.card24.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2024 14:27:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 76391
x-ms-lease-status: unlocked
last-modified: Tue, 30 Jul 2024 06:13:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b01fb8d7-301e-000f-4cb3-e27e7c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8ac682eabeb90a4f-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.card24.app
URL: https://www.card24.app/assets/libs/tiny-slider/tiny-slider.css?v=2.9.3

Domain: www.card24.app
URL: https://www.card24.app/assets/style.css?v=1.2

Domain: www.card24.app
URL: https://www.card24.app/assets/libs/tiny-slider/tiny-slider.css?v=2.9.3

Domain: www.card24.app
URL: https://www.card24.app/assets/style.css?v=1.2

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.card24.app/	1969-12-31 23:59:59	Name: JSESSIONID Value: 258D59F4444839E4B44FD513AB1EA2B3
www.card24.app/	1969-12-31 23:59:59	Name: NSESSION_ID Value: !htwQjIrrnD+bXi8Fcv3yDNBS84gAxjYkWqKQl3Y5Yn07qMUxrW0kCQHey+Md3/SmFyI6wzioYPnv4g==
.card24.app/	1969-12-31 23:59:59	Name: at_check Value: true
.card24.app/	1970-01-21 08:04:42	Name: mbox Value: session#5ea467aba2ef458d9187209bc63c2495#1722524330\|PC#5ea467aba2ef458d9187209bc63c2495.37_0#1785767270
.card24.app/	1970-01-21 07:14:18	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Aug+01+2024+16%3A27%3A52+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202405.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=b132701c-368b-4f51-bd20-a957b8073f54&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.card24.app%2Fde&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

49 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.card24.app/de Message: Refused to apply style from 'https://www.card24.app/assets/libs/tiny-slider/tiny-slider.css?v=2.9.3' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://www.card24.app/de Message: Refused to apply style from 'https://www.card24.app/assets/style.css?v=1.2' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://www.card24.app/assets/img/icons/icon-arrow.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/card24-logo.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/play-store.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app-store.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/libs/jquery-3.7.0.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://www.card24.app/de Message: Refused to execute script from 'https://www.card24.app/assets/libs/jquery-3.7.0.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://www.card24.app/assets/libs/tiny-slider/tiny-slider.min.js?v=2.9.3 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/libs/scrollreveal.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/script.js?v=1.2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://www.card24.app/de Message: Refused to apply style from 'https://www.card24.app/assets/style.css?v=1.2' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://www.card24.app/de Message: Refused to apply style from 'https://www.card24.app/assets/libs/tiny-slider/tiny-slider.css?v=2.9.3' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://www.card24.app/de Message: Refused to execute script from 'https://www.card24.app/assets/libs/tiny-slider/tiny-slider.min.js?v=2.9.3' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://www.card24.app/de Message: Refused to execute script from 'https://www.card24.app/assets/libs/scrollreveal.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://www.card24.app/de Message: Refused to execute script from 'https://www.card24.app/assets/script.js?v=1.2' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://www.card24.app/assets/img/icons/icon-clock.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/icons/icon-mb-pay.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/icons/icon-lock.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/screens/app-screen1.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/screens/app-screen2.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/screens/app-screen3.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/screens/app-screen4.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/screens/app-screen5.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/screens/app-screen6.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/screens/app-screen7.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/screens/app-screen8.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/media.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/icons/icon-arrow-wt.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/sections/app-section2.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/sections/app-section1.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/sections/app-section5.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/sections/app-section4.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/sections/app-section3.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/sections/app-section6.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/popup/priority-pass.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/sections/app-section8.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app/sections/app-section7.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/popup/concierge.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/popup/pin-code.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/icons/icon-arrow-wt.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/visa.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/mastercard.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/popup/card-view.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/popup/password.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/app-store.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/play-store.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/img/card24-logo.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.card24.app/assets/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	media-src 'self' blob: https://.cornercard.ch/ https://.card24.app; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' https://.facebook.net https://static.ads-twitter.com https://script.hotjar.com https://.serving-sys.com https://tr.snapchat.com https://secure-ds.serving-sys.com https://static.hotjar.com https://snap.licdn.com https://googleads.g.doubleclick.net https://www.redditstatic.com https://s.pinimg.com https://s.yimg.com https://sc-static.net https://static.ads-twitter.com https://www.googletagmanager.com https://static.ads-twitter.com https://demo.dinitcs.com/ https://cdn.cookielaw.org/ https://www.google.com/ https://www.gstatic.com/ https://assets.adobedtm.com/; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com/; connect-src 'self' https://cornerbanca.tt.omtrdc.net https://.hotjar.com https://.serving-sys.com https://secure-ds.serving-sys.com https://cdn.linkedin.oribi.io https://tr.snapchat.com https://s.yimg.com https://ct.pinterest.com https://ct.pinterest.com https://cornerbanca.tt.omtrdc.net https://dpm.demdex.net https://demo.dinitcs.com/ https://.cornercard.ch/ https://cdn.cookielaw.org/ https://.onetrust.com/ https://adobedc.demdex.net/ https://smetrics.card24.app/; img-src 'self' https://.card24.app https://www.linkedin.com https://dpm.demdex.net https://tags.w55c.net https://cm.everesttech.net https://www.google.com https://www.google.ch https://www.google.com https://px.ads.linkedin.com https://ct.pinterest.com https://sp.analytics.yahoo.com https://alb.reddit.com https://t.co https://analytics.twitter.com https://.ytimg.com/ https://cdn.cookielaw.org/ data:; font-src 'self' https://fonts.gstatic.com/ data:; frame-src blob: https://.card24.app https://ct.pinterest.com/ https://.hotjar.com https://tr.snapchat.com https://cornerbanca.demdex.net https://demo.dinitcs.com/ https://www.youtube.com/ https://www.google.com/; frame-ancestors 'self'; worker-src blob:; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.cookielaw.org
connect.facebook.net
cornerbanca.tt.omtrdc.net
geolocation.onetrust.com
static.ads-twitter.com
www.card24.app
www.card24.app
146.75.120.157
194.11.207.141
2606:4700::6812:1c7f
2606:4700::6812:562a
2a02:26f0:3500:587::1e80
2a03:2880:f084:105:face:b00c:0:3
66.235.152.221
08fc1e7620a1f3c1645bdcf45ea6aec45bf7d3ce898a86dc270b81ace1425f2d
14a1fa4b518b9bcff7664518a2f8cd4d91205d82d58c87a9bf5553da729e3ea2
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
1e91e62490f19fae2907ddbfae2a95990ca18631d5386fa9de60311dd777ae4e
3321757433351762495ef3452adf0fcefa179583f4409dd04815c710c5e45f6f
45865d93b9bb7847a938d3238dd12fd97baebda9e1debb55636ad8430013b584
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5b09300f36b2b78302f4931749e6ec0837af16ea28f3f9a048a5d44c9f4fda8b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
66dd0de32b6a6bb087f8957dbf4df0f7d2847949ec66abaa75425d3d9a4b0d67
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
748bc6eeab7e931fadd29e92f39a5c2f376b8ff6d4afe36d72a8188a2f8c310e
b5bdb3a7aa57b58d1e3de4b7f15c62b22fd8524234d9c0fe346c6da559ff7900
b7ed603998c971dd943285665bc0b33424432c9d0352afdc37cff7122942ea0d
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
cb40b2fa1859550eff9aa75b4ad4696022166ed175b5a2653ebc171ab1f713b0
dc750f921cf29a7897435f868856c4c63e22f7fd66ac456a72ced5f6eca584e7
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f0fd31e56cba23fc86b92d6b29036b89cb7a6c935be15cd2e2172e68d2740b2f

www.card24.app Open in urlscan Pro 194.11.207.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

94 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

8 IPs

3 Countries

613 kBTransfer

1656 kBSize

5 Cookies

5 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.card24.app Open in urlscan Pro
194.11.207.141 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

94 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

613 kB
Transfer

1656 kB
Size

5
Cookies

63 HTTP transactions
0 data transactions