wwwsec.bankthalwil.ch Open in urlscan Pro
193.223.21.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wwwsec.bankthalwil.ch/
Effective URL:
https://wwwsec.bankthalwil.ch/authen/login
Submission: On November 08 via automatic, source certstream-suspicious (November 8th 2021, 5:05:34 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 193.223.21.30, located in Switzerland and belongs to SWISSCOM Swisscom Switzerland Ltd, CH. The main domain is wwwsec.bankthalwil.ch.
TLS certificate: Issued by QuoVadis Europe EV SSL CA G1 on November 18th 2020. Valid for: a year.

This is the only time wwwsec.bankthalwil.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	193.223.21.30 193.223.21.30	3303 (SWISSCOM ...) (SWISSCOM Swisscom Switzerland Ltd)
1	193.222.69.82 193.222.69.82	3303 (SWISSCOM ...) (SWISSCOM Swisscom Switzerland Ltd)
10	2

11 193.223.21.30 (Switzerland) 2 redirects

ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH)

wwwsec.bankthalwil.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.222.69.82 (Therwil, Switzerland)

ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH)

ebanking.esprit-netzwerk.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	bankthalwil.ch 2 redirects wwwsec.bankthalwil.ch	744 KB
1	esprit-netzwerk.ch ebanking.esprit-netzwerk.ch	691 KB
10	2

	Domain	Requested by
11	wwwsec.bankthalwil.ch	2 redirects wwwsec.bankthalwil.ch
1	ebanking.esprit-netzwerk.ch	wwwsec.bankthalwil.ch
10	2

This site contains links to these domains. Also see Links.

Domain
www.ebas.ch
www.bankthalwil.ch

Subject Issuer	Validity	Valid
wwwsec.bankthalwil.ch QuoVadis Europe EV SSL CA G1	`2020-11-18` - `2021-11-18`	a year	crt.sh
*.esprit-netzwerk.ch QuoVadis Global SSL ICA G2	`2020-01-30` - `2022-01-30`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://wwwsec.bankthalwil.ch/authen/login
Frame ID: 27DB42CDC25F59E2036DDD66787B8475
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login E-Banking / Kundenportal<fmt:message key="loginpage.metaTitle"/>

Page URL History Show full URLs

https://wwwsec.bankthalwil.ch/ HTTP 303
https://wwwsec.bankthalwil.ch/authen/check-login HTTP 302
https://wwwsec.bankthalwil.ch/authen/login Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1434 kB
Transfer

1427 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ebas.ch/5-schritte-fuer-ihre-digitale-sicherheit/

Search URL Search Domain Scan URL

URL: https://www.ebas.ch/de/
Title: Sicherheit

Search URL Search Domain Scan URL

URL: https://www.bankthalwil.ch/de/Privatkunden/Zahlen/Zahlen/NetBanking/Antworten-auf-Ihre-Fragen
Title: Hilfe / Anleitungen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wwwsec.bankthalwil.ch/ HTTP 303
https://wwwsec.bankthalwil.ch/authen/check-login HTTP 302
https://wwwsec.bankthalwil.ch/authen/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
wwwsec.bankthalwil.ch/authen/
Redirect Chain

https://wwwsec.bankthalwil.ch/
https://wwwsec.bankthalwil.ch/authen/check-login
https://wwwsec.bankthalwil.ch/authen/login

7 KB
7 KB

33ms
33ms

Document
text/html

193.223.21.30
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwsec.bankthalwil.ch/authen/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.223.21.30 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

a3a0900b9f21b34372c9c64bf43ab61ec57c7da07432c1153ef0727afd879da9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'nonce-8kPmqSlHaKslueJ1Yue2iMmHkgrKe6TPO_ZMXR6V60Y' 'strict-dynamic' 'unsafe-inline' 'self'; img-src 'self' https://www.esprit-netzwerk.ch https://*.esprit-netzwerk.ch https://www.bankthalwil.ch https://api.futurae.com data:; style-src 'unsafe-inline' 'self'; base-uri 'self'; frame-ancestors 'self'; connect-src 'self' https://api.futurae.com wss://api.futurae.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 08 Nov 2021 17:05:29 GMT
server: Apache
content-security-policy: default-src 'self'; object-src 'none'; script-src 'nonce-8kPmqSlHaKslueJ1Yue2iMmHkgrKe6TPO_ZMXR6V60Y' 'strict-dynamic' 'unsafe-inline' 'self'; img-src 'self' https://www.esprit-netzwerk.ch https://*.esprit-netzwerk.ch https://www.bankthalwil.ch https://api.futurae.com data:; style-src 'unsafe-inline' 'self'; base-uri 'self'; frame-ancestors 'self'; connect-src 'self' https://api.futurae.com wss://api.futurae.com;
pragma: no-cache
cache-control: private, max-age=0, no-store, no-cache
expires: 01/01/99 20:00:00 GMT
x-envoy-upstream-service-time: 9
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; vr 'self'; xr 'self'
x-tnt: 8733
content-type: text/html;charset=UTF-8

Redirect headers

date: Mon, 08 Nov 2021 17:05:29 GMT
server: Apache
content-length: 0
content-security-policy: default-src 'self'; object-src 'none'; script-src 'nonce-BKVUhbWZZiWyD62QHz78I0kPKviaQcL_dJPHUgxRu5M' 'strict-dynamic' 'unsafe-inline' 'self'; img-src 'self' https://www.esprit-netzwerk.ch https://*.esprit-netzwerk.ch https://www.bankthalwil.ch https://api.futurae.com data:; style-src 'unsafe-inline' 'self'; base-uri 'self'; frame-ancestors 'self'; connect-src 'self' https://api.futurae.com wss://api.futurae.com;
pragma: no-cache
cache-control: private, max-age=0, no-store, no-cache
expires: 01/01/99 20:00:00 GMT
location: /authen/login
x-envoy-upstream-service-time: 11
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; vr 'self'; xr 'self'
x-tnt: 8733
content-type: text/plain;charset=utf-8

GET
H2 200 main.css
wwwsec.bankthalwil.ch/authen/css/ 260 KB
261 KB 27ms
26ms Stylesheet
text/css 193.223.21.30
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwsec.bankthalwil.ch/authen/css/main.css?r=b076bbd7-50a0-4f2e-8446-dfae6728b7d5

Requested by

Host: wwwsec.bankthalwil.ch
URL: https://wwwsec.bankthalwil.ch/authen/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.223.21.30 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

4f537e17284957b879332a3423f1198d997432fc67de1e97b644559d537fb259

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wwwsec.bankthalwil.ch/authen/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 17:05:29 GMT
referrer-policy: same-origin
last-modified: Tue, 05 Oct 2021 21:17:46 GMT
server: Apache
etag: W/"265775-1633468666000"
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
x-xss-protection: 1; mode=block
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; vr 'self'; xr 'self'
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=16070400
accept-ranges: bytes
x-tnt: 8733
content-length: 265775
x-content-type-options: nosniff

GET
H2 200 jquery-3.5.1.min.js Show response
wwwsec.bankthalwil.ch/authen/js/airlock/ 87 KB
88 KB 39ms
39ms Script
application/javascript 193.223.21.30
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwsec.bankthalwil.ch/authen/js/airlock/jquery-3.5.1.min.js

Requested by

Host: wwwsec.bankthalwil.ch
URL: https://wwwsec.bankthalwil.ch/authen/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.223.21.30 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wwwsec.bankthalwil.ch/authen/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 17:05:29 GMT
referrer-policy: same-origin
last-modified: Mon, 31 May 2021 06:28:42 GMT
server: Apache
etag: W/"89476-1622442522000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; vr 'self'; xr 'self'
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=16070400
accept-ranges: bytes
x-tnt: 8733
content-length: 89476
x-content-type-options: nosniff

GET
H2 200 main.js Show response
wwwsec.bankthalwil.ch/authen/js/airlock/ 3 KB
3 KB 26ms
25ms Script
application/javascript 193.223.21.30
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwsec.bankthalwil.ch/authen/js/airlock/main.js?r=b076bbd7-50a0-4f2e-8446-dfae6728b7d5

Requested by

Host: wwwsec.bankthalwil.ch
URL: https://wwwsec.bankthalwil.ch/authen/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.223.21.30 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

184341fdf79e5068bb9d40b05ad360934e67d12e4d32e36b953d624114f671df

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wwwsec.bankthalwil.ch/authen/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 17:05:29 GMT
referrer-policy: same-origin
last-modified: Mon, 31 May 2021 06:28:42 GMT
server: Apache
etag: W/"3236-1622442522000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; vr 'self'; xr 'self'
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=16070400
accept-ranges: bytes
x-tnt: 8733
content-length: 3236
x-content-type-options: nosniff

GET
H2 200 utils.js Show response
wwwsec.bankthalwil.ch/authen/scripts/ 226 B
627 B 27ms
26ms Script
application/javascript 193.223.21.30
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwsec.bankthalwil.ch/authen/scripts/utils.js

Requested by

Host: wwwsec.bankthalwil.ch
URL: https://wwwsec.bankthalwil.ch/authen/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.223.21.30 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

2058fb465e7c03f2dc6e5894c57c86deaa8b92d04949ceedd2ae54165bf14df6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'nonce-UakvKsoNfR5bXKdsX1SWbBovD5OL6eSeN93lXVLkNaI' 'strict-dynamic' 'unsafe-inline' 'self'; img-src 'self' https://www.esprit-netzwerk.ch https://*.esprit-netzwerk.ch https://www.bankthalwil.ch https://api.futurae.com data:; style-src 'unsafe-inline' 'self'; base-uri 'self'; frame-ancestors 'self'; connect-src 'self' https://api.futurae.com wss://api.futurae.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wwwsec.bankthalwil.ch/authen/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src 'self'; object-src 'none'; script-src 'nonce-UakvKsoNfR5bXKdsX1SWbBovD5OL6eSeN93lXVLkNaI' 'strict-dynamic' 'unsafe-inline' 'self'; img-src 'self' https://www.esprit-netzwerk.ch https://*.esprit-netzwerk.ch https://www.bankthalwil.ch https://api.futurae.com data:; style-src 'unsafe-inline' 'self'; base-uri 'self'; frame-ancestors 'self'; connect-src 'self' https://api.futurae.com wss://api.futurae.com;
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-tnt: 8733
content-length: 226
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Feb 2021 22:16:30 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: W/"226-1612908990000"
strict-transport-security: max-age=16070400
content-type: application/javascript
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; vr 'self'; xr 'self'
accept-ranges: bytes
date: Mon, 08 Nov 2021 17:05:29 GMT

GET
H2 200 logo.png
wwwsec.bankthalwil.ch/authen/images/ 40 KB
41 KB 26ms
26ms Image
image/png 193.223.21.30
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wwwsec.bankthalwil.ch/authen/images/logo.png

Requested by

Host: wwwsec.bankthalwil.ch
URL: https://wwwsec.bankthalwil.ch/authen/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.223.21.30 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

d9454d9702df7a171ea15e501826ad9faf79f4d8fa9e82de8e96dd33b9e002b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wwwsec.bankthalwil.ch/authen/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 17:05:29 GMT
referrer-policy: same-origin
last-modified: Tue, 09 Feb 2021 22:16:30 GMT
server: Apache
etag: W/"41250-1612908990000"
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; vr 'self'; xr 'self'
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=16070400
accept-ranges: bytes
x-tnt: 8733
content-length: 41250
x-content-type-options: nosniff

GET
H/1.1 200
OK ebas
ebanking.esprit-netzwerk.ch/api/image/ 690 KB
691 KB 81ms
18ms Image
image/jpeg 193.222.69.82
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ebanking.esprit-netzwerk.ch/api/image/ebas?language=de&image=SafeBanking_160x133
Requested by: Host: wwwsec.bankthalwil.ch
URL: https://wwwsec.bankthalwil.ch/authen/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.222.69.82 Therwil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6c3def131ef6bb3cb51ed1f728d711a805edd32a5a86424ba123bf229a389114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 17:05:29 GMT
api-supported-versions: 1.0
X-Powered-By: ASP.NET
Content-Length: 706795
Content-Disposition: attachment; filename=SafeBanking_160x133_de.jpg; filename*=UTF-8''SafeBanking_160x133_de.jpg
Server: Microsoft-IIS/10.0
Content-Type: image/jpeg; v=1.0

GET
H2 200 DINNextLTPro-Light.ttf
wwwsec.bankthalwil.ch/authen/fonts/ 181 KB
183 KB 29ms
28ms Font
font/ttf 193.223.21.30
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwsec.bankthalwil.ch/authen/fonts/DINNextLTPro-Light.ttf

Requested by

Host: wwwsec.bankthalwil.ch
URL: https://wwwsec.bankthalwil.ch/authen/css/main.css?r=b076bbd7-50a0-4f2e-8446-dfae6728b7d5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.223.21.30 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

cc991325bf33598384a90949312de983efdd67b6c2dc839b604f276616533ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wwwsec.bankthalwil.ch/authen/css/main.css?r=b076bbd7-50a0-4f2e-8446-dfae6728b7d5
Origin: https://wwwsec.bankthalwil.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 17:05:29 GMT
referrer-policy: same-origin
last-modified: Tue, 09 Feb 2021 22:16:30 GMT
server: Apache
etag: W/"185416-1612908990000"
x-frame-options: SAMEORIGIN
content-type: font/ttf
x-xss-protection: 1; mode=block
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; vr 'self'; xr 'self'
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=16070400
accept-ranges: bytes
x-tnt: 8733
content-length: 185416
x-content-type-options: nosniff

GET
H2 200 DINNextLTPro-Bold.ttf
wwwsec.bankthalwil.ch/authen/fonts/ 140 KB
141 KB 30ms
29ms Font
font/ttf 193.223.21.30
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwsec.bankthalwil.ch/authen/fonts/DINNextLTPro-Bold.ttf

Requested by

Host: wwwsec.bankthalwil.ch
URL: https://wwwsec.bankthalwil.ch/authen/css/main.css?r=b076bbd7-50a0-4f2e-8446-dfae6728b7d5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.223.21.30 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

4330413e6c485eb8459ee2f684c8d2385b0f5060930417b4d347c68172272a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wwwsec.bankthalwil.ch/authen/css/main.css?r=b076bbd7-50a0-4f2e-8446-dfae6728b7d5
Origin: https://wwwsec.bankthalwil.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 17:05:29 GMT
referrer-policy: same-origin
last-modified: Tue, 09 Feb 2021 22:16:30 GMT
server: Apache
etag: W/"143568-1612908990000"
x-frame-options: SAMEORIGIN
content-type: font/ttf
x-xss-protection: 1; mode=block
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; vr 'self'; xr 'self'
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=16070400
accept-ranges: bytes
x-tnt: 8733
content-length: 143568
x-content-type-options: nosniff

GET
H2 200 glyphicons-halflings-regular.woff2
wwwsec.bankthalwil.ch/authen/fonts/ 18 KB
18 KB 29ms
29ms Font
font/woff2 193.223.21.30
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://wwwsec.bankthalwil.ch/authen/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: wwwsec.bankthalwil.ch
URL: https://wwwsec.bankthalwil.ch/authen/css/main.css?r=b076bbd7-50a0-4f2e-8446-dfae6728b7d5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.223.21.30 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wwwsec.bankthalwil.ch/authen/css/main.css?r=b076bbd7-50a0-4f2e-8446-dfae6728b7d5
Origin: https://wwwsec.bankthalwil.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 17:05:29 GMT
referrer-policy: same-origin
last-modified: Tue, 09 Feb 2021 22:16:30 GMT
server: Apache
etag: W/"18028-1612908990000"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-xss-protection: 1; mode=block
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; vr 'self'; xr 'self'
x-envoy-upstream-service-time: 4
strict-transport-security: max-age=16070400
accept-ranges: bytes
x-tnt: 8733
content-length: 18028
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wwwsec.bankthalwil.ch/	1969-12-31 23:59:59	Name: AL_SESS-S Value: AVz18qvXQhOfBqJ_uQZLQTmRltnFaz_J26fEfQ!gL6WO_2F!qPtyFQbZmQQ3bn664U23

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vr'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'xr'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'nonce-8kPmqSlHaKslueJ1Yue2iMmHkgrKe6TPO_ZMXR6V60Y' 'strict-dynamic' 'unsafe-inline' 'self'; img-src 'self' https://www.esprit-netzwerk.ch https://*.esprit-netzwerk.ch https://www.bankthalwil.ch https://api.futurae.com data:; style-src 'unsafe-inline' 'self'; base-uri 'self'; frame-ancestors 'self'; connect-src 'self' https://api.futurae.com wss://api.futurae.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ebanking.esprit-netzwerk.ch
wwwsec.bankthalwil.ch
193.222.69.82
193.223.21.30
184341fdf79e5068bb9d40b05ad360934e67d12e4d32e36b953d624114f671df
2058fb465e7c03f2dc6e5894c57c86deaa8b92d04949ceedd2ae54165bf14df6
4330413e6c485eb8459ee2f684c8d2385b0f5060930417b4d347c68172272a86
4f537e17284957b879332a3423f1198d997432fc67de1e97b644559d537fb259
6c3def131ef6bb3cb51ed1f728d711a805edd32a5a86424ba123bf229a389114
a3a0900b9f21b34372c9c64bf43ab61ec57c7da07432c1153ef0727afd879da9
cc991325bf33598384a90949312de983efdd67b6c2dc839b604f276616533ee8
d9454d9702df7a171ea15e501826ad9faf79f4d8fa9e82de8e96dd33b9e002b5
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

wwwsec.bankthalwil.ch Open in urlscan Pro 193.223.21.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1434 kBTransfer

1427 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

wwwsec.bankthalwil.ch Open in urlscan Pro
193.223.21.30 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1434 kB
Transfer

1427 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions