urlscan.io logo urlscan.io
SecurityTrails logo

swisslife.staay.io Open in urlscan Pro
93.189.65.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://swisslife.staay.io/
Submission: On August 07 via automatic, source certstream-suspicious — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 93.189.65.44, located in Switzerland and belongs to VIRTUALTEC, CH. The main domain is swisslife.staay.io.
TLS certificate: Issued by E5 on August 4th 2024. Valid for: 3 months.
This is the only time swisslife.staay.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 93.189.65.44 12347 (VIRTUALTEC)
1 2a00:1450:400... 15169 (GOOGLE)
1 80.255.98.8 24585 (CH-SWISSLIFE)
13 3
Apex Domain
Subdomains		 Transfer
11 staay.io
swisslife.staay.io
2 MB
1 swisslife.ch
www.swisslife.ch
15 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
31 KB
13 3
Domain Requested by
11 swisslife.staay.io swisslife.staay.io
1 www.swisslife.ch
1 ajax.googleapis.com swisslife.staay.io
13 3

This site contains no links.

Subject Issuer Validity Valid
swisslife.staay.io
E5		 2024-08-04 -
2024-11-02		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
www.swisslife.ch
Thawte TLS RSA CA G1		 2023-10-31 -
2024-11-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://swisslife.staay.io/
Frame ID: C95F7D86BA63057EDAD20446457DE5BC
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[pagetitle]

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2211 kB
Transfer

2256 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
swisslife.staay.io/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://swisslife.staay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.189.65.44 , Switzerland, ASN12347 (VIRTUALTEC, CH),
Reverse DNS
dimaster2.dux.virtualtec.ch
Software
nginx /
Resource Hash
54c15e1f457e0f7b7963d4a368df37abc1be6ba369ee01e117adc1611c855222
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-security-policy
default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
content-type
text/html; charset=UTF-8
date
Wed, 07 Aug 2024 13:55:50 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
stylesheet.css
swisslife.staay.io/templates/web/fonts/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://swisslife.staay.io/templates/web/fonts/stylesheet.css
Requested by
Host: swisslife.staay.io
URL: https://swisslife.staay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.189.65.44 , Switzerland, ASN12347 (VIRTUALTEC, CH),
Reverse DNS
dimaster2.dux.virtualtec.ch
Software
nginx /
Resource Hash
6e7b9fbf86e21b2c54bebdc6854ca9fb6fe32b4cb079cf6ed41c3a73124dff8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swisslife.staay.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
last-modified
Thu, 30 May 2024 11:59:54 GMT
server
nginx
etag
"1530-619aa9ae8ebae"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=172800, public, must-revalidate
accept-ranges
bytes
content-length
5424
x-xss-protection
1; mode=block
master.css
swisslife.staay.io/templates/web/css/ 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://swisslife.staay.io/templates/web/css/master.css
Requested by
Host: swisslife.staay.io
URL: https://swisslife.staay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.189.65.44 , Switzerland, ASN12347 (VIRTUALTEC, CH),
Reverse DNS
dimaster2.dux.virtualtec.ch
Software
nginx /
Resource Hash
0d4980abb6b50c800515a85b6f1cc62d530c67cbca817dbeed3755cb3a702082
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swisslife.staay.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
last-modified
Thu, 30 May 2024 11:59:49 GMT
server
nginx
etag
"3a06-619aa9a9ae3fa"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=172800, public, must-revalidate
accept-ranges
bytes
content-length
14854
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: swisslife.staay.io
URL: https://swisslife.staay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://swisslife.staay.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 03:59:39 GMT
master.js
swisslife.staay.io/templates/web/js/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://swisslife.staay.io/templates/web/js/master.js
Requested by
Host: swisslife.staay.io
URL: https://swisslife.staay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.189.65.44 , Switzerland, ASN12347 (VIRTUALTEC, CH),
Reverse DNS
dimaster2.dux.virtualtec.ch
Software
nginx /
Resource Hash
63d6eb249fa84883f8673a9b3ce96a44143452addd2013079b3cfc287c1dba7f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swisslife.staay.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
last-modified
Tue, 25 Jun 2024 16:02:13 GMT
server
nginx
etag
"35ef-61bb9055ffba7"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=172800, public, must-revalidate
accept-ranges
bytes
content-length
13807
x-xss-protection
1; mode=block
right.png
swisslife.staay.io/templates/web/img/ 		780 KB
783 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://swisslife.staay.io/templates/web/img/right.png
Requested by
Host: swisslife.staay.io
URL: https://swisslife.staay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.189.65.44 , Switzerland, ASN12347 (VIRTUALTEC, CH),
Reverse DNS
dimaster2.dux.virtualtec.ch
Software
nginx /
Resource Hash
eecc1f5bcb90ce2b536ef4452fbbf422f8f5e5d695393d1436bb376d593f416d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swisslife.staay.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
last-modified
Tue, 18 Jun 2024 04:39:13 GMT
server
nginx
etag
"c318b-61b22a9df9d72"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=172800, public, must-revalidate
accept-ranges
bytes
content-length
799115
x-xss-protection
1; mode=block
arrow-right.png
swisslife.staay.io/templates/web/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://swisslife.staay.io/templates/web/img/arrow-right.png
Requested by
Host: swisslife.staay.io
URL: https://swisslife.staay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.189.65.44 , Switzerland, ASN12347 (VIRTUALTEC, CH),
Reverse DNS
dimaster2.dux.virtualtec.ch
Software
nginx /
Resource Hash
118bf1b5e2c57dc6b761b61aab3c64d77b0b62b18068d38be10af1a0c92a06e3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swisslife.staay.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
last-modified
Thu, 30 May 2024 11:59:54 GMT
server
nginx
etag
"725-619aa9aeea524"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=172800, public, must-revalidate
accept-ranges
bytes
content-length
1829
x-xss-protection
1; mode=block
footer.png
swisslife.staay.io/templates/web/img/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://swisslife.staay.io/templates/web/img/footer.png
Requested by
Host: swisslife.staay.io
URL: https://swisslife.staay.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.189.65.44 , Switzerland, ASN12347 (VIRTUALTEC, CH),
Reverse DNS
dimaster2.dux.virtualtec.ch
Software
nginx /
Resource Hash
1d95f403d3c1b34d12476cccf8d1e81b1b4918665b30e99a1df6402129b45151
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swisslife.staay.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
last-modified
Wed, 12 Jun 2024 10:28:38 GMT
server
nginx
etag
"11147-61aaed8744571"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=172800, public, must-revalidate
accept-ranges
bytes
content-length
69959
x-xss-protection
1; mode=block
left.png
swisslife.staay.io/templates/web/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://swisslife.staay.io/templates/web/img/left.png
Requested by
Host: swisslife.staay.io
URL: https://swisslife.staay.io/templates/web/css/master.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.189.65.44 , Switzerland, ASN12347 (VIRTUALTEC, CH),
Reverse DNS
dimaster2.dux.virtualtec.ch
Software
nginx /
Resource Hash
85acacb2df4ab35ae5c4fbf0c725f6955496d18c26158d6d4f6b4003c355af04
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swisslife.staay.io/templates/web/css/master.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
last-modified
Tue, 18 Jun 2024 04:39:13 GMT
server
nginx
etag
"11f1af-61b22a9e20fa6"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=172800, public, must-revalidate
accept-ranges
bytes
content-length
1175983
x-xss-protection
1; mode=block
flipfront.png
swisslife.staay.io/templates/web/img/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://swisslife.staay.io/templates/web/img/flipfront.png
Requested by
Host: swisslife.staay.io
URL: https://swisslife.staay.io/templates/web/css/master.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.189.65.44 , Switzerland, ASN12347 (VIRTUALTEC, CH),
Reverse DNS
dimaster2.dux.virtualtec.ch
Software
nginx /
Resource Hash
72fc0c626be5e39f1fdc4c3ed4145d704deaa8ff7e8d1ac0822cdd5b5985b598
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swisslife.staay.io/templates/web/css/master.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
last-modified
Wed, 12 Jun 2024 10:30:22 GMT
server
nginx
etag
"90a7-61aaedea1ee9d"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=172800, public, must-revalidate
accept-ranges
bytes
content-length
37031
x-xss-protection
1; mode=block
LegacySerifITCPro-Book.woff2
swisslife.staay.io/templates/web/fonts/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://swisslife.staay.io/templates/web/fonts/LegacySerifITCPro-Book.woff2
Requested by
Host: swisslife.staay.io
URL: https://swisslife.staay.io/templates/web/fonts/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.189.65.44 , Switzerland, ASN12347 (VIRTUALTEC, CH),
Reverse DNS
dimaster2.dux.virtualtec.ch
Software
nginx /
Resource Hash
590c017d8c09aed4d6c726a69cd52909716b8ea4f727e53ec8c4cfa9517354ce
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swisslife.staay.io/templates/web/fonts/stylesheet.css
Origin
https://swisslife.staay.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
last-modified
Thu, 30 May 2024 11:59:53 GMT
server
nginx
etag
"b4c4-619aa9ad462c6"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
46276
x-xss-protection
1; mode=block
LegacySerifITCPro-MediumItalic.woff2
swisslife.staay.io/templates/web/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://swisslife.staay.io/templates/web/fonts/LegacySerifITCPro-MediumItalic.woff2
Requested by
Host: swisslife.staay.io
URL: https://swisslife.staay.io/templates/web/fonts/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.189.65.44 , Switzerland, ASN12347 (VIRTUALTEC, CH),
Reverse DNS
dimaster2.dux.virtualtec.ch
Software
nginx /
Resource Hash
ff852cd32791213c228f03ccd5b30409b315d387ce73742d1538031f83640e58
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swisslife.staay.io/templates/web/fonts/stylesheet.css
Origin
https://swisslife.staay.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:55:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
last-modified
Thu, 30 May 2024 11:59:54 GMT
server
nginx
etag
"8ee4-619aa9ae78b50"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
36580
x-xss-protection
1; mode=block
favicon.ico
www.swisslife.ch/etc.clientlibs/slevo/clientlibs/site/resources/img/icon/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.swisslife.ch/etc.clientlibs/slevo/clientlibs/site/resources/img/icon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.255.98.8 , Switzerland, ASN24585 (CH-SWISSLIFE, CH),
Reverse DNS
www.swisslife.com
Software
Apache /
Resource Hash
4c29733d8607ac16981740c3985669c70b729db03d1e8987dbfee5fabd260f54
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://fuse.pav.portals.swisslife.ch https://fuse.portals.swisslife.ch https://www.swisslife.ch
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://swisslife.staay.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:55:51 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://fuse.pav.portals.swisslife.ch https://fuse.portals.swisslife.ch https://www.swisslife.ch
server
Apache
etag
"3aee-5b082853a97c0"
thost
(null)
vary
Host,Accept-Encoding
content-type
image/vnd.microsoft.icon
cache-control
max-age=86400, public
accept-ranges
none
content-length
15086
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| countdown number| initialCountdown number| cd function| initCheckbox function| handleSubmit function| handleRegister function| policy function| validate function| checkOrientation function| unwrap function| timeCounter function| countDown function| initCD function| insertAtCaret function| removeAtCaret function| initKeyboard

1 Cookies

Domain/Path Name / Value
swisslife.staay.io/ Name: PHPSESSID
Value: 0k0mjkprh2n886d5376vkk0sb8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net; img-src 'self' * data:; script-src 'unsafe-inline' 'self' gooogleapis.com *.googleapis.com *.google.com *.unpkg.com unpkg.com youtube.com *.youtube.com *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com cdn.jsdelivr.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block