id.css.ch Open in urlscan Pro
194.209.96.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cp72.webserver.pt/~calcetei/cssme/
Effective URL:
https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_...
Submission: On November 13 via api (November 13th 2024, 3:30:43 pm UTC) from US — Scanned from CH

Summary HTTP 157 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 6 domains to perform 157 HTTP transactions. The main IP is 194.209.96.18, located in Adligenswil, Switzerland and belongs to SWISSCOM Swisscom Switzerland Ltd, CH. The main domain is id.css.ch.
TLS certificate: Issued by SwissSign RSA TLS OV ICA 2022 - 1 on December 6th 2023. Valid for: a year.

This is the only time id.css.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	94.46.168.20 94.46.168.20	24768 (ALMOUROLTEC) (ALMOUROLTEC)
120	20.250.75.149 20.250.75.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:278... 2a02:26f0:2780:6::214:f58b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.71.155.136 35.71.155.136	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:710... 2a02:26f0:7100:487::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 31	194.209.96.18 194.209.96.18	3303 (SWISSCOM ...) (SWISSCOM Swisscom Switzerland Ltd)
1	51.107.48.68 51.107.48.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
157	8

2 94.46.168.20 (Portugal) 2 redirects

ASN24768 (ALMOUROLTEC, PT)
PTR: cp72.webserver.pt

cp72.webserver.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

120 20.250.75.149 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

my.css.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:2780:6::214:f58b (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

cssversicherung.scene7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.155.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: a73d3afe8ff45acb7.awsglobalaccelerator.com

edge.api.flagsmith.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:487::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 194.209.96.18 (Adligenswil, Switzerland) 1 redirects

ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH)
PTR: id.css.ch

id.css.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.107.48.68 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

switzerlandnorth-0.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
151	css.ch 1 redirects my.css.ch id.css.ch	3 MB
2	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 763 switzerlandnorth-0.in.applicationinsights.azure.com — Cisco Umbrella Rank: 766568 Failed	904 B
2	flagsmith.com edge.api.flagsmith.com — Cisco Umbrella Rank: 45493	528 B
2	webserver.pt 2 redirects cp72.webserver.pt	668 B
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 468	81 KB
1	scene7.com cssversicherung.scene7.com	459 B
157	6

	Domain	Requested by
120	my.css.ch	my.css.ch
31	id.css.ch	1 redirects my.css.ch id.css.ch
2	edge.api.flagsmith.com	my.css.ch
2	cp72.webserver.pt	2 redirects
1	switzerlandnorth-0.in.applicationinsights.azure.com	my.css.ch
1	assets.adobedtm.com	my.css.ch
1	js.monitor.azure.com	my.css.ch
1	cssversicherung.scene7.com	my.css.ch
157	8

This site contains links to these domains. Also see Links.

Domain
my.css.ch
www.css.ch

Subject Issuer	Validity	Valid
my.css.ch SwissSign RSA TLS OV ICA 2022 - 1	`2024-01-09` - `2025-01-09`	a year	crt.sh
*.scene7.com DigiCert TLS RSA SHA256 2020 CA1	`2024-10-09` - `2025-10-11`	a year	crt.sh
edge.api.flagsmith.com Amazon RSA 2048 M02	`2024-09-23` - `2025-10-23`	a year	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 04	`2024-08-20` - `2025-08-15`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
id.css.ch SwissSign RSA TLS OV ICA 2022 - 1	`2023-12-06` - `2024-12-06`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 07	`2024-09-16` - `2025-09-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=a42568524ba945a09917315185641042&code_challenge=_PDIvmu25Yqm5gGkk2sX2Oerdt1BiS0BS2crmuiXDCU&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
Frame ID: 8672E9A4138121EAFF382D0BDBBEC573
Requests: 155 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

myCSS Login

Page URL History Show full URLs

http://cp72.webserver.pt/~calcetei/cssme/ HTTP 307
https://cp72.webserver.pt/~calcetei/cssme/ HTTP 301
http://cp72.webserver.pt/~calcetei/cssme/ HTTP 307
http://cp72.webserver.pt/~calcetei/cssme/ HTTP 302
https://my.css.ch/ Page URL
https://id.css.ch/auth/oauth2/v3/css/authorize?client_id=css-login-portal&redirect_uri=https%3... HTTP 302
https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-lo... Page URL

Page Statistics

157
Requests

99 %
HTTPS

38 %
IPv6

6
Domains

8
Subdomains

8
IPs

5
Countries

3029 kB
Transfer

5103 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://my.css.ch/onboarding/de
Title: Noch nicht registriert?

Search URL Search Domain Scan URL

URL: https://www.css.ch/de/ueber-css/story/unternehmen/css-gruppe/datenschutz.html
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.css.ch/de/ueber-css/story/unternehmen/css-gruppe/privacy-policy.html
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cp72.webserver.pt/~calcetei/cssme/ HTTP 307
https://cp72.webserver.pt/~calcetei/cssme/ HTTP 301
http://cp72.webserver.pt/~calcetei/cssme/ HTTP 307
http://cp72.webserver.pt/~calcetei/cssme/ HTTP 302
https://my.css.ch/ Page URL
https://id.css.ch/auth/oauth2/v3/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=a42568524ba945a09917315185641042&code_challenge=_PDIvmu25Yqm5gGkk2sX2Oerdt1BiS0BS2crmuiXDCU&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de HTTP 302
https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=a42568524ba945a09917315185641042&code_challenge=_PDIvmu25Yqm5gGkk2sX2Oerdt1BiS0BS2crmuiXDCU&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cp72.webserver.pt/~calcetei/cssme/ HTTP 307
https://cp72.webserver.pt/~calcetei/cssme/ HTTP 301
http://cp72.webserver.pt/~calcetei/cssme/ HTTP 307
http://cp72.webserver.pt/~calcetei/cssme/ HTTP 302
https://my.css.ch/

157 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
my.css.ch/
Redirect Chain

http://cp72.webserver.pt/~calcetei/cssme/
https://cp72.webserver.pt/~calcetei/cssme/
http://cp72.webserver.pt/~calcetei/cssme/
http://cp72.webserver.pt/~calcetei/cssme/
https://my.css.ch/

12 KB
5 KB

164ms
63ms

Document
text/html

20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0c538c4b38fbf6145cd89485e06dc51fd0846eef081c84384f3647e48b7f0489

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
content-type: text/html
date: Wed, 13 Nov 2024 15:30:34 GMT
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
expires: 0
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
pragma: no-cache
referrer-policy: origin
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
strict-transport-security: max-age=16070400
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Nov 2024 15:30:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.45
location: https://my.css.ch

GET
H2 200 MuseoSans300-webfont.woff2
my.css.ch/assets/fonts/ 17 KB
19 KB 164ms
149ms Font
font/woff2 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/assets/fonts/MuseoSans300-webfont.woff2

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

184d53ce0e02a39cd434b8dd66e2da3dd45c00bbc386ed2f3eaf4c2527c084ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: font/woff2
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length: 17260
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 MuseoSans500-webfont.woff2
my.css.ch/assets/fonts/ 17 KB
19 KB 78ms
66ms Font
font/woff2 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/assets/fonts/MuseoSans500-webfont.woff2

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

26d51505332c23d6cbda9334670d7311bbb034572931905ecd97e7783a15c3db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: font/woff2
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length: 17620
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 MuseoSans300-Italic-webfont.woff2
my.css.ch/assets/fonts/ 17 KB
19 KB 120ms
109ms Font
font/woff2 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/assets/fonts/MuseoSans300-Italic-webfont.woff2

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

88ca2a80f09237547350197e2027844849b74bbc085cb7abf4122ed169affafb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: font/woff2
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length: 17716
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 MuseoSans500-Italic-webfont.woff2
my.css.ch/assets/fonts/ 18 KB
20 KB 125ms
116ms Font
font/woff2 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/assets/fonts/MuseoSans500-Italic-webfont.woff2

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

226a231ce1028a60148cd1da305104b25ff215d590f90d9845f60e7dfd8ab1da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: font/woff2
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length: 18104
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 styles-RKNOBQGE.css
my.css.ch/ 52 KB
13 KB 168ms
165ms Stylesheet
text/css 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/styles-RKNOBQGE.css

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73e86f6f90ec4a36ad62f753aed1b5e8f8de79184938098eff4ea04cc98025ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/css
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-U7FE72Z3.js Show response
my.css.ch/ 6 KB
4 KB 147ms
144ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-U7FE72Z3.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e44a4d2ffac566a24f2b65b52e2d486419288dd07197320fdc9b0620a000d125

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-IHBWDNFL.js Show response
my.css.ch/ 6 KB
4 KB 145ms
142ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-IHBWDNFL.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

486c7f69fc8639c75af0238fef542b871f111c8a59db08eed57d0a150cff14eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-YXDGN65Q.js Show response
my.css.ch/ 24 KB
8 KB 153ms
150ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-YXDGN65Q.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dc7421b4882735baa928e6c5d6741dfb819de6204dd89f97e4b5068416eb29ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-7Z2X4QZP.js Show response
my.css.ch/ 149 B
2 KB 146ms
144ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-7Z2X4QZP.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

33b7c433f65ac33d32d9f4a5523ef378169f1b9dad979c2675c5454afce9f927

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-KBE6PQAZ.js Show response
my.css.ch/ 121 B
2 KB 145ms
143ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-KBE6PQAZ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c6fce9c3876a4d36811fb8d1e82e7f2061ee9f805bb93855df2f6e29ab36b3a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-IGZ3PFVK.js Show response
my.css.ch/ 501 B
2 KB 145ms
143ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-IGZ3PFVK.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3817619e2a46a6f62139c9606e355ea3a373a21fce9c43a5e07d3d0feb93a1a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-CVDDDSFB.js Show response
my.css.ch/ 91 B
2 KB 155ms
153ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-CVDDDSFB.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5f0fe4ca9d6ec49295faacf253b8ba7b557f83858d60db08574a00c3fee022c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-NTM7U6YL.js Show response
my.css.ch/ 41 B
2 KB 164ms
163ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-NTM7U6YL.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

15f46f190b711c9e5c7a421970982bd139b905018a6076eaabce77a442fba41c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-Y7NMNEYH.js Show response
my.css.ch/ 504 B
2 KB 173ms
171ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-Y7NMNEYH.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3c243908944a0f18316cb6db93781ec3c9d6539d7ab9a6cae2bb209481ee328f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-YB4IOZFO.js Show response
my.css.ch/ 9 KB
5 KB 168ms
167ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-YB4IOZFO.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ea1f34066ab6f431fd7b9c1e59a9d68cf018f136c2308157d44fd23699d90746

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 polyfills-SGAWYHLJ.js Show response
my.css.ch/ 34 KB
15 KB 170ms
169ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/polyfills-SGAWYHLJ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

16ccca0f9ed23a07eb7340d4cfbe70957f2a336894a4c01add83e6b5de200cdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 scripts-XQ2ZVQBZ.js Show response
my.css.ch/ 452 KB
128 KB 181ms
179ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/scripts-XQ2ZVQBZ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

90bbc7bfa7153c47da70a524c83aeeae78cf804215b177c2e042d63a664e193d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 main-U5TX74KD.js Show response
my.css.ch/ 346 KB
95 KB 181ms
180ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/main-U5TX74KD.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b3f2bfecec08801e9c93dacb85763b750854e24998306434e7381ea2c5549a16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-VIKLSXPF.js Show response
my.css.ch/ 70 KB
21 KB 81ms
60ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-VIKLSXPF.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2ba989b208a7903c859caa2de5dc2f0494ad53c009dbd702d16d85acdfef1814

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-Q42ZT5PF.js Show response
my.css.ch/ 145 B
2 KB 76ms
55ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-Q42ZT5PF.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0b75fbbc2ebd2285f986da7554cb7ebd66994f41d318c818e527fa900ac6ea06

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-IWDOEXVN.js Show response
my.css.ch/ 1 KB
2 KB 89ms
69ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-IWDOEXVN.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

45cf2356bd857d1d7bc344ec75434f5946f98fc9192dcf9343087d6635cbfd0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-VQBOWDSJ.js Show response
my.css.ch/ 72 KB
6 KB 118ms
98ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-VQBOWDSJ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e1357500228e5292166a8e0fcd9a5ee8787a803baac990480a5283572923f79d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-BSYAEPSF.js Show response
my.css.ch/ 493 B
2 KB 78ms
57ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-BSYAEPSF.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f90d2423d235c4b51d3aeac1da6904d23822faa8eca29fa90d3d643a3a0abc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-7RAVBO6A.js Show response
my.css.ch/ 353 B
2 KB 72ms
52ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-7RAVBO6A.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d60f0706f9ee15e0c1a0dff23897a31bb3acbf2ad895678c84ba9b8eceb5c86e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-CV7DIPVC.js Show response
my.css.ch/ 21 KB
10 KB 76ms
56ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-CV7DIPVC.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

adbe9fbbaf438d807ef45f5a9b033380601146ec68a338cab7e7707ac16377ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-Q2UDNR6U.js Show response
my.css.ch/ 1 KB
2 KB 72ms
52ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-Q2UDNR6U.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f120da68f6e278be110dfa857b347c990d2e55693fea37b45e5a082a0ff1bb79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-TK4BDF6W.js Show response
my.css.ch/ 861 B
2 KB 78ms
58ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-TK4BDF6W.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b6df3ac6c57975998138d7bfe2107380cc47a5d1690af2aaac3f9556800b6c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-BWCSETRC.js Show response
my.css.ch/ 602 B
2 KB 73ms
53ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-BWCSETRC.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

66e7d65d69f3c8ea0947108600acc2b62774353673699372661aabd4e2e0ec70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-7XC2VWLH.js Show response
my.css.ch/ 954 B
2 KB 120ms
101ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-7XC2VWLH.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e14b21c85ceb9420bd090c89f70673c9fdd0d25035691f696507b0bd2dc5c05d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-CW3ABWYR.js Show response
my.css.ch/ 6 KB
4 KB 125ms
105ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-CW3ABWYR.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dff76c0495d9c6f9e3afa4770ff9236cbeca7374091040c0ea183226d4ef19a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-VQTEIJHT.js Show response
my.css.ch/ 1 KB
2 KB 121ms
102ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-VQTEIJHT.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

82652d7c960154911d332d6fad28ffc6f33abc5412267a1d831278e00769bd11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-TSVWGLJ4.js Show response
my.css.ch/ 179 B
2 KB 122ms
103ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-TSVWGLJ4.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

192053163d2559ec9db2f99d7d68208bfc684687b02c925b4113a45aa07599cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-WENNO7SR.js Show response
my.css.ch/ 28 KB
5 KB 120ms
101ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-WENNO7SR.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f76a885e486264f84e5c83b8f24e0b5fc822ebc3787ec20347def2f1ae45ebf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-QXATS4XG.js Show response
my.css.ch/ 994 B
2 KB 118ms
97ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-QXATS4XG.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

99ba0606d1cac7785602224bdba262476e558ebf70630f7b2a48b3ede8e988d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-2LJJ5ECI.js Show response
my.css.ch/ 26 KB
11 KB 123ms
102ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-2LJJ5ECI.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2de1b3470b73f4be2b3b7a14443574c2b3271464f94dda4b0e436b18ca9b8199

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-JSG7KQCJ.js Show response
my.css.ch/ 1011 B
2 KB 121ms
101ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-JSG7KQCJ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b0d59e374a4e372fb4bf76b0a6f58b78865c186dffcb6c08d7a040e2f81f0123

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-UOGLWIUD.js Show response
my.css.ch/ 990 B
2 KB 120ms
100ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-UOGLWIUD.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

21bdcb773e7bc8759a1b9620f633976e821fe5fe4a95d34eb62a4217e87dc9ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-BEKJZU7Y.js Show response
my.css.ch/ 35 KB
5 KB 145ms
125ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-BEKJZU7Y.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e10d70868b94e757b0e43a57fed07b7e0c951843898d511dcf667e65c434dc8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-XKAV3ESM.js Show response
my.css.ch/ 412 B
2 KB 119ms
99ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-XKAV3ESM.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

862cc20c79fde76b86295d712d9aede6ce525c61cbc3ccc76e0b9848575c39f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-THJNLR3W.js Show response
my.css.ch/ 1 KB
2 KB 122ms
102ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-THJNLR3W.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

98dcf87980d129e65b3fcd436a011a7be9f3f93055fc4e966dbd56eb17bfe83c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-YIPW7T5M.js Show response
my.css.ch/ 2 KB
3 KB 228ms
208ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-YIPW7T5M.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0733ca85d9108f84c21b36cde788c41c9665036610394b3d2df03aaeddb4dbd8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-GROMGA5S.js Show response
my.css.ch/ 8 KB
4 KB 213ms
193ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-GROMGA5S.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

16d3d06f9dc41f82f8f1284399b563e1ab3bc158d2d33e3e9b8ac221206b2c12

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-HF5IJDLP.js Show response
my.css.ch/ 728 B
2 KB 206ms
186ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-HF5IJDLP.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7eb3312632f3a353695d27113d7a2a8efed3435d55f8e5d5314681be05b97ff4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-PQKUF5HP.js Show response
my.css.ch/ 127 B
2 KB 227ms
207ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-PQKUF5HP.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

997463458de0a1215fdf337af9e81ebfe21cdb76a8fca63225c05e4adff8452e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-LG5XZBQX.js Show response
my.css.ch/ 643 B
2 KB 206ms
187ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-LG5XZBQX.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b07a154fb0b5962d324eebf8f7de5ca43660d7747f7b07ad2e93127e96137441

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-M7ZCO3DB.js Show response
my.css.ch/ 3 KB
3 KB 225ms
206ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-M7ZCO3DB.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e1b8a7e3ce853ba8adba66089a771c909fe54e5d298e7fe28fc4a82adfa75812

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-GLRLTSPB.js Show response
my.css.ch/ 777 B
2 KB 207ms
188ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-GLRLTSPB.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fe0fb6914b9f2bc7e788da2bacb7c71b8a2245e938cf11fb46b2dccca17ac677

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-7AA4G2SO.js Show response
my.css.ch/ 34 KB
12 KB 222ms
203ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-7AA4G2SO.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e558883a13ad13100a3df0b0dc86a58a84c5d6636c8701bd08944cfa713b3038

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-UK5EEY6A.js Show response
my.css.ch/ 2 KB
3 KB 213ms
194ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-UK5EEY6A.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bb35399222ac05ee1331cae9ce0c8d9156b2f630f2b63f8d3dae19375c916f1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-D2OKHCWV.js Show response
my.css.ch/ 531 B
2 KB 224ms
205ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-D2OKHCWV.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cf4d56c9a2f1d42651155135b70bc44cd436515468eea7175d4c92a444358cb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-HILG7KMD.js Show response
my.css.ch/ 5 KB
3 KB 225ms
206ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-HILG7KMD.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

40ba031025233614d0bc5639e2635687a2f1984c509fc7e284b982a18b5a6cd6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-IUZNUAGH.js Show response
my.css.ch/ 776 B
2 KB 202ms
183ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-IUZNUAGH.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e235476c330a1cff3c4561372c891824d52b048b0000659bd5bae6946e15b42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-J62QLL2L.js Show response
my.css.ch/ 5 KB
4 KB 222ms
204ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-J62QLL2L.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a58e217f9eebc62d03ac5381ac02248d419b3c201fdb4de2c2e2b8bd28d97713

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-HW7KURJ5.js Show response
my.css.ch/ 402 B
2 KB 206ms
188ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-HW7KURJ5.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

009a36c7c584814aefba781eb0efb7eb1abee984975f0d739eb4195c72b37871

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-V25XF4TD.js Show response
my.css.ch/ 348 B
2 KB 251ms
233ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-V25XF4TD.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

66ff8545e04acad1b0dc73ba3d0d655772b69a9e94b5d2d3b998cc2e02e064c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-SS5HFW27.js Show response
my.css.ch/ 15 KB
8 KB 207ms
189ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-SS5HFW27.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a0560479ee423ae437f5e372095ef7758a19fb96cfa1cae174f61be2130fc70f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-CA6LKFGR.js Show response
my.css.ch/ 117 B
2 KB 235ms
217ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-CA6LKFGR.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a12ddbdebf10c28fa7589836bd7b44d726a5917c56dda889c01054062a887e2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-X5LBVZWT.js Show response
my.css.ch/ 1 KB
2 KB 225ms
207ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-X5LBVZWT.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

033123dc161fe68a33557503bffb595e9cb4a1478d290a78f6b15e8e9eaffd53

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-V3AC3GEG.js Show response
my.css.ch/ 34 KB
9 KB 224ms
206ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-V3AC3GEG.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

91e20d9c93d66985452931d6138f0e50d078f5fa7c9203af11c9f79aadf8eaa1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-L5DWC3IY.js Show response
my.css.ch/ 3 KB
3 KB 250ms
232ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-L5DWC3IY.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2cf03dca25f3a556283e514be0ab3efce0d8090d38af6a9734ab654ab331c092

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-T55JLV4B.js Show response
my.css.ch/ 13 KB
5 KB 393ms
375ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-T55JLV4B.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

640dd9158050a1617c14fa231fa5efa2833b3e6639ca287064a414ffadd952e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-VN56STFD.js Show response
my.css.ch/ 44 KB
12 KB 622ms
604ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-VN56STFD.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b62c15b0da5717911b2458b57a4f22606dd342c9e59bd8e5088227c71454d5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-36JZ4V76.js Show response
my.css.ch/ 2 KB
3 KB 416ms
398ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-36JZ4V76.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

654b97dc096fd24d3d07e7ce5b8d67299a64d9837cc8ae2b037966931b3e34d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-OQXU73ST.js Show response
my.css.ch/ 744 B
2 KB 397ms
380ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-OQXU73ST.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f8912678023c2f730381146bca1b17cd0e25188f9e0b0d5c0ec295af8fde10c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-6HRGGAQM.js Show response
my.css.ch/ 6 KB
4 KB 451ms
434ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-6HRGGAQM.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

11aa8761cbe9e7d7bce353e115421aa964063a7599eec7d58b479284e0ab472f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-X2XKF2UD.js Show response
my.css.ch/ 4 KB
4 KB 452ms
436ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-X2XKF2UD.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0afc99df76f86c1c2370c9ba83d1a5fb222f04801924452d95f4a7aa197eb0b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-TA4AOSCP.js Show response
my.css.ch/ 23 KB
9 KB 449ms
433ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-TA4AOSCP.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e2d411e7069b1c5decf12f3980d1c51d875a492da05df4fc972ed6d6f924547d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-HSN65IOQ.js Show response
my.css.ch/ 1 KB
2 KB 404ms
389ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-HSN65IOQ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e19c5496d1a34ec9f2d543045895cee90a43abc56be8dd3e1c884c138524dfdf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-JJ7XDQ6T.js Show response
my.css.ch/ 27 KB
8 KB 405ms
390ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-JJ7XDQ6T.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6da758e3d74a0c2669f17f1fad822e1f2e6a2bc21c63ccad9c0b348c963caa82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-5YDLV4ZE.js Show response
my.css.ch/ 602 KB
183 KB 472ms
457ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-5YDLV4ZE.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ac81418c14fa8e57fd2dce00f93b466e39fbf8f3dbfb4380b4f12fde657d930a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-EMROKGEJ.js Show response
my.css.ch/ 2 KB
3 KB 412ms
398ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-EMROKGEJ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

67a471e4b126ada1249691a291ca3fa8637fe961364b1d2153c8a46ebef65ffc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-UTMBBAVH.js Show response
my.css.ch/ 170 KB
60 KB 500ms
486ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-UTMBBAVH.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a16f2a8d577edfd919aab638dac793609d659a36686a9c2a35cc65b6aad0cb62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-FFARCJQA.js Show response
my.css.ch/ 10 KB
5 KB 543ms
529ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-FFARCJQA.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6cffdcb0572cd690f6aba8298d5e4dd424023e2221d154e9b8db488c31e26dda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-X5ZKPL67.js Show response
my.css.ch/ 946 B
2 KB 482ms
468ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-X5ZKPL67.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7c574997362eed2381b9f865be5929d3f9148d43d0793ac7ced4919b85c3571f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-TROVIAST.js Show response
my.css.ch/ 7 KB
5 KB 483ms
469ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-TROVIAST.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2be8c210b4b838e9c3c2edfc79862ff073cba4de5f7d264e4de8a37b99d6bfed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-SVC3R7OE.js Show response
my.css.ch/ 933 B
2 KB 489ms
475ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-SVC3R7OE.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b6267eec84b2efe1ffb342c6a20d953793a9842e405347fd7a599088d047ac42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-5QCNFQA2.js Show response
my.css.ch/ 3 KB
3 KB 486ms
472ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-5QCNFQA2.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f232709d4c0a7c80f98545926cb85764b471649f9d5a8f71a4a05d5e84be9c11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-GOYWMCPZ.js Show response
my.css.ch/ 6 KB
4 KB 412ms
398ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-GOYWMCPZ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dd1d878a8c74cdeb0d8362239d40873d24691d94f37b454cf1d24d56b80a476e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-2C4NEYVL.js Show response
my.css.ch/ 1022 B
2 KB 523ms
510ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-2C4NEYVL.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73a51959b97b95d9ca1d037b0df0ae474e0a4180721ea16c6e5f07984ba7dcc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-D62NWLS6.js Show response
my.css.ch/ 541 B
2 KB 521ms
508ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-D62NWLS6.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eff1e249de193e593201e73e4958d0594251a14940529bdb81419dfda23adb63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-4N22GXPW.js Show response
my.css.ch/ 99 B
2 KB 537ms
524ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-4N22GXPW.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8fc58a8e281eb5e7c778968a5dcffde546dfca1235da92cd7447ae43864bd911

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-GOKFTEF7.js Show response
my.css.ch/ 876 B
2 KB 514ms
500ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-GOKFTEF7.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1ecc40560fe1a9379b028cbff83fd74dae7fde982c8bf65332dab9cd996c5281

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-56CP5X7T.js Show response
my.css.ch/ 183 B
2 KB 463ms
450ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-56CP5X7T.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d67f636a417e99fabe27fbd3510ccf652124bdee4bde1b95550b5a1948ab8656

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-3V3OXDEW.js Show response
my.css.ch/ 37 KB
16 KB 648ms
635ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-3V3OXDEW.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0bb2c7b59d53e56ac6032df764c5d6487bc00338346c7077202fff4759e7f50c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-AQNLQFPK.js Show response
my.css.ch/ 1 KB
2 KB 522ms
509ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-AQNLQFPK.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6b3fef1e01af6453f7f9ab1e433e34520a2dcb06798e24b6e9881319c3c42f88

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-7I65L3DD.js Show response
my.css.ch/ 268 B
2 KB 481ms
469ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-7I65L3DD.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b35d3f81ee048cc98f2e005fb16052ac49a0bc0f9e41d03f680b91aa4131769e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-NBQQZFXX.js Show response
my.css.ch/ 195 B
2 KB 528ms
515ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-NBQQZFXX.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2e74daf40163bd7bbf26e1b300b1f54b86bff72c8548d30ed15e0b2d451e2219

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-RMWCIN6Y.js Show response
my.css.ch/ 9 KB
5 KB 521ms
508ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-RMWCIN6Y.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5877236ed7ea15230f0938211a9932cc1f162174dcd062a8a51c5380c9bf2159

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-OQ4NSU3H.js Show response
my.css.ch/ 2 KB
3 KB 518ms
506ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-OQ4NSU3H.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4e40bf4d94b62a21afd36d81778aec9a4c82e7e7644a2096a233b943dbc904b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:35 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 config.json Show response
my.css.ch/env/ 2 KB
3 KB 133ms
132ms Fetch
application/json 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/env/config.json

Requested by

Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8f34a992a8736e14af2d7934116f99c4dee509040aafd44961bd3197c48feb5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: application/json
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 favicon.ico
my.css.ch/assets/images/ 4 KB
6 KB 112ms
112ms Other
image/vnd.microsoft.icon 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/assets/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://my.css.ch/

Response headers

etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length: 4286
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 maintenance Show response
cssversicherung.scene7.com/is/content/csskrankenversicherung/ 995 B
459 B 228ms
114ms Fetch
text/css 2a02:26f0:2780:6::214:f58b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cssversicherung.scene7.com/is/content/csskrankenversicherung/maintenance?nocache=1731511836255
Requested by: Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f58b , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Unknown /
Resource Hash: 9364f0149d08c8ed0c02ca2aa7ca3421ff64e6213523572d3b4aedc54e95af47

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept: application/json
Referer: https://my.css.ch/

Response headers

content-encoding: gzip
expires: Fri, 15 Nov 2024 15:30:36 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 259
date: Wed, 13 Nov 2024 15:30:36 GMT
akamai-grn: 0.88b61302.1731511836.714c91a
content-type: text/css
last-modified: Thu, 07 Nov 2024 11:02:08 GMT
server: Unknown
x-akamai-cache: Miss
vary: Accept-Encoding

GET
H2 200 / Show response
edge.api.flagsmith.com/api/v1/flags/ 365 B
528 B 71ms
71ms Fetch
application/json 35.71.155.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.flagsmith.com/api/v1/flags/
Requested by: Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.155.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a73d3afe8ff45acb7.awsglobalaccelerator.com
Software: awselb/2.0 /
Resource Hash: bdaf09e3859577eee6f7d2b1910874289ed3e6894d60990c1c822361caca10d1

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
x-environment-key: n4HwLXVeFZP6cuVh8bD3H7
Referer: https://my.css.ch/

Response headers

aws-lambda-region: eu-west-2
cache-control: max-age=0
access-control-expose-headers: x-flagsmith-document-updated-at
content-encoding: gzip
access-control-allow-credentials: true
x-flagsmith-document-updated-at: 1731333524.615109
access-control-allow-methods: GET, POST, PUT
aws-resource-region: eu-west-2
access-control-allow-origin: *
content-length: 183
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: application/json
server: awselb/2.0
access-control-allow-headers: *

OPTIONS
H2 200 /
edge.api.flagsmith.com/api/v1/flags/ 0
0 173ms
58ms Preflight
application/json 35.71.155.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.flagsmith.com/api/v1/flags/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.155.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a73d3afe8ff45acb7.awsglobalaccelerator.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-environment-key
Access-Control-Request-Method: GET
Origin: https://my.css.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, PUT
access-control-allow-origin: *
access-control-expose-headers: x-flagsmith-document-updated-at
access-control-max-age: 86400
allow: GET, HEAD, OPTIONS
content-length: 0
content-type: application/json
date: Wed, 13 Nov 2024 15:30:36 GMT
server: awselb/2.0

GET
H2 200 ai.config.1.cfg.json Show response
js.monitor.azure.com/scripts/b/ 1 KB
904 B 409ms
266ms Fetch
application/json 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Requested by: Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://my.css.ch/

Response headers

x-azure-ref: 20241113T153036Z-17b96ddf85c4s65xhC1FRA6kp000000000p000000000t1qa
cache-control: public, max-age=1800, immutable, no-transform
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 141961c7-f01e-00eb-6461-2e55b3000000
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.config.1.0.0.cfg.json
access-control-allow-origin: *
x-cache: TCP_HIT
x-ms-meta-aijssdkver: 1.0.0
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 02 Apr 2024 18:24:43 GMT

GET
H2 200 chunk-CYQC3HPW.js Show response
my.css.ch/ 911 B
2 KB 49ms
49ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-CYQC3HPW.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/main-U5TX74KD.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eed9b7322dbd260bfcbc77c5d59608ee574cfb899571e8c767aabf5b60e85cdb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-5NNGL742.js Show response
my.css.ch/ 1 KB
2 KB 51ms
50ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-5NNGL742.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/chunk-JSG7KQCJ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9daa4015cdaec2387671c536ac2cee3900bb8fc3a6e521df630b935b9bc44597

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 launch-a50a3ff59732.min.js Show response
assets.adobedtm.com/091b5d609578/5e31050b4550/ 297 KB
81 KB 124ms
30ms Script
application/x-javascript 2a02:26f0:7100:487::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/091b5d609578/5e31050b4550/launch-a50a3ff59732.min.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/main-U5TX74KD.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:487::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

0dd60776bd46b3f2cc5ac8fd8c83687a585dc9ab01827ba66e77d5e173e02ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://my.css.ch/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "680a2aa56e5d4ce2daabfa20af3a8905:1728894872.435769"
x-content-type-options: nosniff
expires: Wed, 13 Nov 2024 16:30:36 GMT
accept-ranges: bytes
access-control-allow-origin: https://my.css.ch
content-length: 82193
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: application/x-javascript
last-modified: Mon, 14 Oct 2024 08:34:32 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 chunk-D3BOR742.js Show response
my.css.ch/ 1 KB
2 KB 49ms
48ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-D3BOR742.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/main-U5TX74KD.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ef579426bc061fd2a183514d27fb9bbf3b469b96a0ca5a96bc1cbc1a9238555c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-IN3IU3PJ.js Show response
my.css.ch/ 3 KB
3 KB 48ms
47ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-IN3IU3PJ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/main-U5TX74KD.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7691c760a58fe672e9848ad70e7280a74e8d959732af304fd8410bc6e1819d0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 de.json Show response
my.css.ch/assets/translations/ 228 KB
39 KB 276ms
275ms XHR
application/json 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/assets/translations/de.json

Requested by

Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ebb177231b3a6f3fe5576e094afb967a16840dec1415ed1517c2a3a07cdff548

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

Request-Id: |106d011904514bda9c95dbae2ab5f2bc.cc9635e470aa464c
traceparent: 00-106d011904514bda9c95dbae2ab5f2bc-cc9635e470aa464c-01
Referer: https://my.css.ch/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept: application/json, text/plain, */*

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:36 GMT
content-type: application/json
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-6UL43TUO.js Show response
my.css.ch/ 37 KB
11 KB 55ms
55ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-6UL43TUO.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/main-U5TX74KD.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e4d88741e861b7ba4db2fa76d8a8af99800f8e5016e4e5bbdfb70c15abfaa5df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-SIUE7RVV.js Show response
my.css.ch/ 31 KB
10 KB 160ms
157ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-SIUE7RVV.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

faec5735766a9ce6912b66740f05caf9a0eb7d34d65a82be83a286748e3a419a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-G6QNCBKA.js Show response
my.css.ch/ 5 KB
4 KB 121ms
118ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-G6QNCBKA.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

871bed6c5bdb183c7b63b651705a7896ccbca789e96b6793c4a170a669f4eadb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-NJA56QI7.js Show response
my.css.ch/ 3 KB
3 KB 160ms
158ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-NJA56QI7.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1e1b4a08b9123cdac553ad647bff099fa6cba2d643e1a047b1939d242de93df1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-JLMMVCX6.js Show response
my.css.ch/ 4 KB
3 KB 122ms
120ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-JLMMVCX6.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

086b610a57094826649ac0c5c708232fc7c94910354ddea0a9fa19094eacec64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-37LJFUTN.js Show response
my.css.ch/ 13 KB
6 KB 160ms
158ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-37LJFUTN.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8795c9f48de1b79d8d9f5742c069a99a064492e45657cd02e00cc028680ed10b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-NZ4V4OQP.js Show response
my.css.ch/ 4 KB
3 KB 133ms
131ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-NZ4V4OQP.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

54d35c34474b113b601024629d9b86b206e3c4a307b8addf53728625d072a9ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-ZGN2XSZQ.js Show response
my.css.ch/ 1 KB
3 KB 121ms
119ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-ZGN2XSZQ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dd71f2ab678d9dd0506b582fc402ce0a2f0d4f8bd4bad4577a9303c34c25d69d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-H3DWRMYG.js Show response
my.css.ch/ 53 KB
6 KB 134ms
133ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-H3DWRMYG.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

032fe7d436b11eb3d461d37d01f12e2a02187288280aa27a1d92f94eb608ad8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-QBSDVLSP.js Show response
my.css.ch/ 4 KB
3 KB 109ms
107ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-QBSDVLSP.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

05e57a6441b503d615f0497ab2e125f648d7804274e972715cbf9b65c1cb1ccf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-NQNRPSMJ.js Show response
my.css.ch/ 3 KB
3 KB 120ms
119ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-NQNRPSMJ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b6b15bbee66c83ab38bfc7731e123a639baef65987b13af03914a8b39825be8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-SSKO42FR.js Show response
my.css.ch/ 4 KB
3 KB 469ms
468ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-SSKO42FR.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ae33a5398f53225169d5a9a04e65a4fec0786488b60daae02467ee4ec8a8ad7e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-NTRHIJ3N.js Show response
my.css.ch/ 112 KB
36 KB 498ms
497ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-NTRHIJ3N.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a4bee8963657cfaf309e2ad49c345aede99a174089b68188a5a1e97124aa3925

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-P62XEDYW.js Show response
my.css.ch/ 3 KB
3 KB 498ms
497ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-P62XEDYW.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5ed737490389c29e2a51e0b5c8321698c03c584f3f8c14fbc7f4f4bed5f4e3a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-ZZ2YVSSK.js Show response
my.css.ch/ 543 B
2 KB 468ms
466ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-ZZ2YVSSK.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6e4c252f37de5f0646b8e268c231755c1851b3447252c8d179b5c3eb80f4c4de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-I2QYV6FU.js Show response
my.css.ch/ 7 KB
3 KB 495ms
494ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-I2QYV6FU.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

02c9c92755a345684a0327bbaf6cc006c695735f8432a71bf76dd7fad503d1c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-I6IZA6FZ.js Show response
my.css.ch/ 11 KB
4 KB 474ms
473ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-I6IZA6FZ.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0025485a6b6ee0e339ee16627aad8818ac62cc81ce96477d1112aa08880ba26c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-TYJUUKJE.js Show response
my.css.ch/ 2 KB
3 KB 465ms
465ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-TYJUUKJE.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

41c956b95a4836da6e7a778b695294b4652d78f7dd857054d2ecfb0b04345eaf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-JGVOO2EN.js Show response
my.css.ch/ 19 KB
7 KB 494ms
494ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-JGVOO2EN.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0509921f6fa204de0bed95fa8472a213e32f2ac2a5946b3c35499e9c2ea75e22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-HY4Z65LO.js Show response
my.css.ch/ 2 KB
3 KB 465ms
465ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-HY4Z65LO.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/main-U5TX74KD.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4da8ba784468aafc9253e469bfc65bcb24b563a4955eece94323f705a6027d5e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-YO5ZPNQE.js Show response
my.css.ch/ 314 B
2 KB 466ms
466ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-YO5ZPNQE.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/main-U5TX74KD.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7c3152dc5b90a96056e64dfbd04f3bfb026a40d62d607ae8d3ff6954b9a1c811

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-VEXC3JUN.js Show response
my.css.ch/ 404 B
2 KB 95ms
95ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-VEXC3JUN.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/main-U5TX74KD.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

26941ac1cce9e48241667eb3cfbe7a921ce046b7ecb5475bdb80cfebe3b052ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 chunk-45VV7TQN.js Show response
my.css.ch/ 952 B
2 KB 94ms
94ms Script
text/javascript 20.250.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.css.ch/chunk-45VV7TQN.js

Requested by

Host: my.css.ch
URL: https://my.css.ch/main-U5TX74KD.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ece06f0c16a254f73ebcb97bff06c8f122c50c4bd73040435c09f68588c732d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://my.css.ch
Referer: https://my.css.ch/

Response headers

content-encoding: br
etag: "18395470"
expect-ct: max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to: report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: text/javascript
last-modified: Fri, 08 Nov 2024 12:17:14 GMT
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
nel: {report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection: 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

GET
H2 200 self-openid-configuration Show response
id.css.ch/auth/rest/oauth2/authorization-servers/css/.well-known/ 1 KB
3 KB 133ms
46ms Fetch
application/json 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/rest/oauth2/authorization-servers/css/.well-known/self-openid-configuration

Requested by

Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

173d9fe05b29be9682dedd8034025e256b7fe31a83741fbd25ee3307f22c6a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept: application/jwk-set+json, application/json
Referer: https://my.css.ch/

Response headers

expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:37 GMT
content-type: application/json;charset=UTF-8
vary: Origin,Accept-Encoding,User-Agent
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true, true
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://my.css.ch
content-length: 1381
x-xss-protection: 1; mode=block
server: Apache

GET
H2

200

Primary Request authorize Show response
id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/
Redirect Chain

https://id.css.ch/auth/oauth2/v3/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=a42568524b...
https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+...

3 KB
4 KB

40ms
40ms

Document
text/html

194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=a42568524ba945a09917315185641042&code_challenge=_PDIvmu25Yqm5gGkk2sX2Oerdt1BiS0BS2crmuiXDCU&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de

Requested by

Host: my.css.ch
URL: https://my.css.ch/chunk-VIKLSXPF.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

265fea735c812e57957bdfa3f3f3d43e144fb9bbbd44af47b4366671e7ab93fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; object-src 'none'; script-src 'nonce-4E2iwlL9Y67Y-zj1DtX9aOSNHcxY3EuW9PTcSW17QCI' 'strict-dynamic' 'self' .cookiebot.com; img-src 'self' data:; connect-src 'self' .css.ch .cookiebot.com .applicationinsights.azure.com; base-uri 'self'; frame-src 'self' .cookiebot.com; frame-ancestors 'self' .css.ch .azurestaticapps.net .azurewebsites.net *.cookiebot.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce; report-to csp-endpoint;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.css.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
cache-control: no-store, no-cache, must-revalidate
content-length: 3194
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; object-src 'none'; script-src 'nonce-4E2iwlL9Y67Y-zj1DtX9aOSNHcxY3EuW9PTcSW17QCI' 'strict-dynamic' 'self' *.cookiebot.com; img-src 'self' data:; connect-src 'self' *.css.ch *.cookiebot.com *.applicationinsights.azure.com; base-uri 'self'; frame-src 'self' *.cookiebot.com; frame-ancestors 'self' *.css.ch *.azurestaticapps.net *.azurewebsites.net *.cookiebot.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce; report-to csp-endpoint;
content-type: text/html;charset=UTF-8
date: Wed, 13 Nov 2024 15:30:37 GMT
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
expires: 0
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
referrer-policy: origin
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
server: Apache
strict-transport-security: max-age=16070400
vary: Origin,Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; object-src 'none'; script-src 'nonce-5lmxaavaeIm1GYQgvtZPOgppjk41ZECGE1s1ccztXxo' 'strict-dynamic' 'self' *.cookiebot.com; img-src 'self' data:; connect-src 'self' *.css.ch *.cookiebot.com *.applicationinsights.azure.com; base-uri 'self'; frame-src 'self' *.cookiebot.com; frame-ancestors 'self' *.css.ch *.azurestaticapps.net *.azurewebsites.net *.cookiebot.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce; report-to csp-endpoint;
content-type: text/plain;charset=utf-8
date: Wed, 13 Nov 2024 15:30:37 GMT
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
expires: 0
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
last-modified: Wed, 13 Nov 2024 15:30:37 GMT
location: /auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=a42568524ba945a09917315185641042&code_challenge=_PDIvmu25Yqm5gGkk2sX2Oerdt1BiS0BS2crmuiXDCU&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
referrer-policy: origin
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
server: Apache
strict-transport-security: max-age=16070400
vary: Origin,Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST track
switzerlandnorth-0.in.applicationinsights.azure.com/v2/ 0
0

OPTIONS
H2 204 track
switzerlandnorth-0.in.applicationinsights.azure.com/v2/ 0
0 431ms
60ms Preflight 51.107.48.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://switzerlandnorth-0.in.applicationinsights.azure.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.107.48.68 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://my.css.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Wed, 13 Nov 2024 15:30:37 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H2 200 styles.08707b8b70dd5836.css
id.css.ch/auth/ui/ 62 KB
62 KB 109ms
108ms Stylesheet
text/css 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/styles.08707b8b70dd5836.css

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=a42568524ba945a09917315185641042&code_challenge=_PDIvmu25Yqm5gGkk2sX2Oerdt1BiS0BS2crmuiXDCU&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

46b5e5251724cd6aad0a7dc21529b2a774318d07e4093c3aa275cc5d8fb03577

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://id.css.ch/

Response headers

etag: W/"63539-1721227232000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:37 GMT
last-modified: Wed, 17 Jul 2024 14:40:32 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/css;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
content-length: 63539
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 iam.e8131b50722b3d67.js Show response
id.css.ch/auth/ui/assets/airlock/js/ 7 KB
7 KB 76ms
75ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/assets/airlock/js/iam.e8131b50722b3d67.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

73d2de38c926993924a4df0afd4ec669364162bc69b0d02601096fddf4447340

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://id.css.ch/

Response headers

etag: W/"6704-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:37 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
content-length: 6704
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 iam-custom.dd828a0acf5afdf7.js Show response
id.css.ch/auth/ui/assets/custom/js/ 361 KB
361 KB 73ms
73ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

51ffc83ed743ac83bbaa31ff70205a8c8005e18fd33b181753a1589d162fa516

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"369676-1721227244000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:37 GMT
last-modified: Wed, 17 Jul 2024 14:40:44 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 369676
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 runtime.a5fcb72dd38bddab.js Show response
id.css.ch/auth/ui/ 7 KB
7 KB 75ms
74ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

dcde0aa43386104265e30aa734a2f7afc188bae7b872beaac115ba1f4a3fd3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"6930-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:37 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 6930
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 polyfills.44be6b6d8b1d9b4f.js Show response
id.css.ch/auth/ui/ 33 KB
33 KB 110ms
110ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/polyfills.44be6b6d8b1d9b4f.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

25f0664272677a3f1de14a2800edecf83935da3a625e1441a4a7982bc947888a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"34163-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:37 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 34163
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 scripts.36c7649c8b23686e.js Show response
id.css.ch/auth/ui/ 144 KB
144 KB 105ms
105ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/scripts.36c7649c8b23686e.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

18e190ecef8f0abab753ce7d080a9226db06ccd7ef307e7b23e3d1311aecabcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://id.css.ch/

Response headers

etag: W/"147746-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:37 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
content-length: 147746
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 main.574d81c245f99009.js Show response
id.css.ch/auth/ui/ 972 KB
973 KB 110ms
110ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/main.574d81c245f99009.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

467dfd94d2f3fc07b180873e78455d838d0a66763625bafee9c14a34968bdbdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"995391-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:37 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 995391
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 languages Show response
id.css.ch/auth/rest/public/ui/ 209 B
315 B 66ms
66ms XHR
application/vnd.api+json 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/rest/public/ui/languages

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

9081b50da67ceee980939e11d4b018e60ac4757d69cd560a1534bd0f2b7ca340

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Cache-Control: no-cache
Referer: https://id.css.ch/
Pragma: no-cache
X-Same-Domain: 1
Request-Id: |c7fe15caadf54036ab44b630a17197a3.10282f49e0a84bd8
traceparent: 00-c7fe15caadf54036ab44b630a17197a3-10282f49e0a84bd8-01
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
If-Modified-Since: 0
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
expires: 0
date: Wed, 13 Nov 2024 15:30:38 GMT
last-modified: Wed, 13 Nov 2024 15:30:38 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: application/vnd.api+json
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: no-store, no-cache, must-revalidate
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length: 209
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 common.a96369b7e9b73fc0.js Show response
id.css.ch/auth/ui/ 54 KB
54 KB 43ms
37ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/common.a96369b7e9b73fc0.js

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

28068ef87eebe9c924f5f8e6250a2c59138b2577e36882d8dda00396e64cec67

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"55555-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:38 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 55555
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 4297.98b7be890ea6e9d4.js Show response
id.css.ch/auth/ui/ 18 KB
19 KB 43ms
38ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/4297.98b7be890ea6e9d4.js

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

dc1979adbb5fcb8d71ad0a0808168555de5132eba802f5f0bf1b0bb3fbbde626

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"18902-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:38 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 18902
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 MuseoSans300-webfont.6c49dff08d4f9398.woff2
id.css.ch/auth/ui/ 17 KB
17 KB 36ms
36ms Font
font/woff2 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/MuseoSans300-webfont.6c49dff08d4f9398.woff2

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/styles.08707b8b70dd5836.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

184d53ce0e02a39cd434b8dd66e2da3dd45c00bbc386ed2f3eaf4c2527c084ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"17260-1721227232000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:38 GMT
last-modified: Wed, 17 Jul 2024 14:40:32 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: font/woff2
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 17260
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 de.json Show response
id.css.ch/auth/ui/assets/airlock/i18n/ 69 KB
69 KB 42ms
41ms XHR
application/json 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/assets/airlock/i18n/de.json

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

62319feb1bff066c27ee91e5b188c9a09e2c04c4cf6c6bb98e61fd3d5eb97d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Request-Id: |c7fe15caadf54036ab44b630a17197a3.00a8513e0ca94883
traceparent: 00-c7fe15caadf54036ab44b630a17197a3-00a8513e0ca94883-01
Referer: https://id.css.ch/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept: application/json, text/plain, */*

Response headers

etag: 1296823158
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:38 GMT
last-modified: Wed, 28 Aug 2024 07:14:59 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: application/json;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=0
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length: 70532
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 8552.ed3caa7d7b2b6014.js Show response
id.css.ch/auth/ui/ 2 KB
2 KB 37ms
36ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/8552.ed3caa7d7b2b6014.js

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

54d5a65ad73975ba4f32c410f6448a25ef4d35c801cc9ece1e856ff2569ca71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"1724-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 1724
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 6424.7bfbcdde6d729f35.js Show response
id.css.ch/auth/ui/ 3 KB
3 KB 42ms
42ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/6424.7bfbcdde6d729f35.js

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

24bbac3376a3aaed9d1ee9c421ad5a4f736adfe1467e9afe1dfdeb04fc35c71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"2996-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 2996
x-xss-protection: 1; mode=block
server: Apache

DELETE
H2 204 flow Show response
id.css.ch/auth/rest/public/authentication/ 0
50 B 39ms
39ms XHR
text/plain 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/rest/public/authentication/flow

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Cache-Control: no-cache
Referer: https://id.css.ch/
Accept-Language: de
Pragma: no-cache
X-Same-Domain: 1
Request-Id: |c7fe15caadf54036ab44b630a17197a3.ffce073f8cad43df
traceparent: 00-c7fe15caadf54036ab44b630a17197a3-ffce073f8cad43df-01
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
If-Modified-Since: 0
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
expires: 0
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Wed, 13 Nov 2024 15:30:39 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: no-store, no-cache, must-revalidate
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://id.css.ch
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 favicon.ico
id.css.ch/auth/ui/assets/custom/img/ 4 KB
4 KB 36ms
36ms Other
image/x-icon 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/assets/custom/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://id.css.ch/

Response headers

etag: W/"4286-1721227234000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Wed, 17 Jul 2024 14:40:34 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: image/x-icon
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
content-length: 4286
x-xss-protection: 1; mode=block
server: Apache

POST
H2 401 authorize Show response
id.css.ch/auth/rest/public/authentication/oauth2/authorization-servers/css/ 191 B
534 B 41ms
40ms XHR
application/vnd.api+json 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/rest/public/authentication/oauth2/authorization-servers/css/authorize

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

ec186477005b18738d87dc7bd289915d1902d88954cc202c28affc64e4a17637

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Cache-Control: no-cache
Referer: https://id.css.ch/
Accept-Language: de
Pragma: no-cache
X-Same-Domain: 1
Request-Id: |c7fe15caadf54036ab44b630a17197a3.b062481b1c6e4ecb
traceparent: 00-c7fe15caadf54036ab44b630a17197a3-b062481b1c6e4ecb-01
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
If-Modified-Since: 0
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
expires: 0
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Wed, 13 Nov 2024 15:30:39 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: application/vnd.api+json
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: no-store, no-cache, must-revalidate
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
www-authenticate: None
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin: https://id.css.ch
content-length: 191
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 configuration Show response
id.css.ch/auth/rest/public/authentication/ui/ 322 B
363 B 286ms
285ms XHR
application/vnd.api+json 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/rest/public/authentication/ui/configuration

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

89617356abc5c91c785860fd6fb55b6c924cee4e07abd306e554b69c558bf268

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Cache-Control: no-cache
Referer: https://id.css.ch/
Accept-Language: de
Pragma: no-cache
X-Same-Domain: 1
Request-Id: |c7fe15caadf54036ab44b630a17197a3.e65f8c0392064fd6
traceparent: 00-c7fe15caadf54036ab44b630a17197a3-e65f8c0392064fd6-01
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
If-Modified-Since: 0
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
expires: 0
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Wed, 13 Nov 2024 15:30:39 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: application/vnd.api+json
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: no-store, no-cache, must-revalidate
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length: 322
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 3640.cc8aca638b28bfb0.js Show response
id.css.ch/auth/ui/ 11 KB
12 KB 44ms
42ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/3640.cc8aca638b28bfb0.js

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

4e7bdec884dcc94de26fe95a6e32c0f5fd78a1c8f7aab28e10e9d7196affad29

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"11585-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 11585
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 9756.5e6bd003b8bd1682.js Show response
id.css.ch/auth/ui/ 32 KB
32 KB 45ms
45ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/9756.5e6bd003b8bd1682.js

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

9b0e3b7118d9987303555e13b466c6ef4c9980792c3f1dd11a01d93263da9cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"32785-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 32785
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 6326.eaa140bfff4e957e.js Show response
id.css.ch/auth/ui/ 12 KB
12 KB 46ms
46ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/6326.eaa140bfff4e957e.js

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

6dfb24e850f09de9e9d7575d093c1a11145a97b6fb251b0fc92352b876849910

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"12384-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 12384
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 2076.d660fa4a4ed85bd6.js Show response
id.css.ch/auth/ui/ 29 KB
29 KB 45ms
44ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/2076.d660fa4a4ed85bd6.js

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

5180491ba74eee59c3454fc581cfbd1149c61bfb58adc812f15d3d27cdfe4a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"29533-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 29533
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 1492.a68e584579b8c2e7.js Show response
id.css.ch/auth/ui/ 2 KB
2 KB 46ms
45ms Script
text/javascript 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/1492.a68e584579b8c2e7.js

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

e59a6120cf307a7a6132078aeca04fe018d071237d30d39054872a049b9a12d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"1735-1718688826000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Tue, 18 Jun 2024 05:33:46 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: text/javascript;charset=UTF-8
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: public, max-age=31536000
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 1735
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 configuration Show response
id.css.ch/auth/rest/public/authentication/ui/ 322 B
363 B 38ms
38ms XHR
application/vnd.api+json 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/rest/public/authentication/ui/configuration

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

3cdac406810c04b22ec751ce50f5ccd9945eeea098477d9b042fd89b5c1586ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Cache-Control: no-cache
Referer: https://id.css.ch/
Accept-Language: de
Pragma: no-cache
X-Continue-Flow: true
X-Same-Domain: 1
Request-Id: |c7fe15caadf54036ab44b630a17197a3.3dedf8dc6ca04c11
traceparent: 00-c7fe15caadf54036ab44b630a17197a3-3dedf8dc6ca04c11-01
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
If-Modified-Since: 0
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
expires: 0
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Wed, 13 Nov 2024 15:30:39 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: application/vnd.api+json
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
cache-control: no-store, no-cache, must-revalidate
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length: 322
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 MuseoSans500-webfont.619169faeb3efa73.woff2
id.css.ch/auth/ui/ 17 KB
17 KB 44ms
44ms Font
font/woff2 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/MuseoSans500-webfont.619169faeb3efa73.woff2

Requested by

Host: id.css.ch
URL: https://id.css.ch/auth/ui/styles.08707b8b70dd5836.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

26d51505332c23d6cbda9334670d7311bbb034572931905ecd97e7783a15c3db

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://id.css.ch
Referer: https://id.css.ch/

Response headers

etag: W/"17620-1721227232000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Wed, 17 Jul 2024 14:40:32 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: font/woff2
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
access-control-allow-origin: https://id.css.ch
content-length: 17620
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 CSS_cyan_rgb.svg
id.css.ch/auth/ui/assets/custom/img/css-logo/ 1 KB
1 KB 45ms
45ms Image
image/svg+xml 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id.css.ch/auth/ui/assets/custom/img/css-logo/CSS_cyan_rgb.svg?23937f236b3be9ee4a78

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

0cdb9ee0a9861e2c652dc044669c20fc744b65bf5dc0db0508dbd86df9bd5470

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://id.css.ch/

Response headers

etag: W/"1282-1721227234000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Wed, 17 Jul 2024 14:40:34 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
content-length: 1282
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 CSS_125_siegel_dfi.svg
id.css.ch/auth/ui/assets/custom/img/css-logo/ 4 KB
4 KB 42ms
42ms Image
image/svg+xml 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id.css.ch/auth/ui/assets/custom/img/css-logo/CSS_125_siegel_dfi.svg?23937f236b3be9ee4a78

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

eb3dbfba8a4717a00537b58c42f7055a9ddfc38ba6e89d1829ca5caed793fc51

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://id.css.ch/

Response headers

etag: W/"4346-1721227234000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Wed, 17 Jul 2024 14:40:34 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=16070400
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
content-length: 4346
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 favicon.ico
id.css.ch/auth/ui/assets/custom/img/ 4 KB
0 0ms
0ms Other
image/x-icon 194.209.96.18
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.css.ch/auth/ui/assets/custom/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

id.css.ch

Software

Apache /

Resource Hash

443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://id.css.ch/

Response headers

etag: W/"4286-1721227234000"
expect-ct: max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, POST, PUT, DELETE
date: Wed, 13 Nov 2024 15:30:39 GMT
last-modified: Wed, 17 Jul 2024 14:40:34 GMT
vary: Origin,Accept-Encoding,User-Agent
feature-policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type: image/x-icon
access-control-allow-headers: Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options: SAMEORIGIN
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials: true
referrer-policy: origin
permissions-policy: fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
content-length: 4286
x-xss-protection: 1; mode=block
server: Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: switzerlandnorth-0.in.applicationinsights.azure.com
URL: https://switzerlandnorth-0.in.applicationinsights.azure.com/v2/track

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cp72.webserver.pt/	1969-12-31 23:59:59	Name: PHPSESSID Value: g6bpg77b6mr4tgs22ng4bdsqb7
my.css.ch/	1970-01-21 09:44:07	Name: ai_user Value: 4eDt7IEvFj0Mwfh3FKpmId\|2024-11-13T15:30:36.520Z
my.css.ch/	1970-01-21 00:58:33	Name: ai_session Value: n48GdA/MA+o0pu35PSVq4X\|1731511836635\|1731511836635
.css.ch/	1969-12-31 23:59:59	Name: CSS_SESS-S Value: Acr3ISA3o91Jsc2AgVQoEBBJnDUloRQgZ5AEHiGDENgh0Rwgex6P7k62uigq5gzVfKPj
.css.ch/	1969-12-31 23:59:59	Name: CSS_LB-S Value: $xc/6gPR57ICf!qNKwRMKqsdcCC7rDsaw3H3Nkw4nnLQkYfTAmlt
id.css.ch/	1970-01-21 09:44:07	Name: ai_user Value: PSESHNeEokNK9uF1jNf5YK\|2024-11-13T15:30:38.533Z
id.css.ch/	1970-01-21 00:58:33	Name: ai_session Value: y4JZoCje5avg0BuuUG4zeb\|1731511838575\|1731511838575

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vr'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, sync-xhr, usb. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: autoplay, camera, encrypted-media, fullscreen, geolocation, microphone, midi, payment. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security	error	URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js(Line 1) Message: Refused to connect to 'https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json' because it violates the following Content Security Policy directive: "connect-src 'self' .css.ch .cookiebot.com *.applicationinsights.azure.com".
javascript	error	URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.dd828a0acf5afdf7.js(Line 1) Message: Refused to connect to 'https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json' because it violates the document's Content Security Policy.
network	error	URL: https://id.css.ch/auth/rest/public/authentication/oauth2/authorization-servers/css/authorize Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: .css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' .css.ch maps.googleapis.com consentcdn.cookiebot.com .applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' .css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cp72.webserver.pt
cssversicherung.scene7.com
edge.api.flagsmith.com
id.css.ch
js.monitor.azure.com
my.css.ch
switzerlandnorth-0.in.applicationinsights.azure.com
switzerlandnorth-0.in.applicationinsights.azure.com
194.209.96.18
20.250.75.149
2620:1ec:29:1::45
2a02:26f0:2780:6::214:f58b
2a02:26f0:7100:487::1e80
35.71.155.136
51.107.48.68
94.46.168.20
0025485a6b6ee0e339ee16627aad8818ac62cc81ce96477d1112aa08880ba26c
009a36c7c584814aefba781eb0efb7eb1abee984975f0d739eb4195c72b37871
02c9c92755a345684a0327bbaf6cc006c695735f8432a71bf76dd7fad503d1c6
032fe7d436b11eb3d461d37d01f12e2a02187288280aa27a1d92f94eb608ad8f
033123dc161fe68a33557503bffb595e9cb4a1478d290a78f6b15e8e9eaffd53
0509921f6fa204de0bed95fa8472a213e32f2ac2a5946b3c35499e9c2ea75e22
05e57a6441b503d615f0497ab2e125f648d7804274e972715cbf9b65c1cb1ccf
0733ca85d9108f84c21b36cde788c41c9665036610394b3d2df03aaeddb4dbd8
086b610a57094826649ac0c5c708232fc7c94910354ddea0a9fa19094eacec64
0afc99df76f86c1c2370c9ba83d1a5fb222f04801924452d95f4a7aa197eb0b0
0b75fbbc2ebd2285f986da7554cb7ebd66994f41d318c818e527fa900ac6ea06
0bb2c7b59d53e56ac6032df764c5d6487bc00338346c7077202fff4759e7f50c
0c538c4b38fbf6145cd89485e06dc51fd0846eef081c84384f3647e48b7f0489
0cdb9ee0a9861e2c652dc044669c20fc744b65bf5dc0db0508dbd86df9bd5470
0dd60776bd46b3f2cc5ac8fd8c83687a585dc9ab01827ba66e77d5e173e02ecc
11aa8761cbe9e7d7bce353e115421aa964063a7599eec7d58b479284e0ab472f
15f46f190b711c9e5c7a421970982bd139b905018a6076eaabce77a442fba41c
16ccca0f9ed23a07eb7340d4cfbe70957f2a336894a4c01add83e6b5de200cdd
16d3d06f9dc41f82f8f1284399b563e1ab3bc158d2d33e3e9b8ac221206b2c12
173d9fe05b29be9682dedd8034025e256b7fe31a83741fbd25ee3307f22c6a9b
184d53ce0e02a39cd434b8dd66e2da3dd45c00bbc386ed2f3eaf4c2527c084ac
18e190ecef8f0abab753ce7d080a9226db06ccd7ef307e7b23e3d1311aecabcc
192053163d2559ec9db2f99d7d68208bfc684687b02c925b4113a45aa07599cd
1e1b4a08b9123cdac553ad647bff099fa6cba2d643e1a047b1939d242de93df1
1ecc40560fe1a9379b028cbff83fd74dae7fde982c8bf65332dab9cd996c5281
21bdcb773e7bc8759a1b9620f633976e821fe5fe4a95d34eb62a4217e87dc9ec
226a231ce1028a60148cd1da305104b25ff215d590f90d9845f60e7dfd8ab1da
24bbac3376a3aaed9d1ee9c421ad5a4f736adfe1467e9afe1dfdeb04fc35c71e
25f0664272677a3f1de14a2800edecf83935da3a625e1441a4a7982bc947888a
265fea735c812e57957bdfa3f3f3d43e144fb9bbbd44af47b4366671e7ab93fe
26941ac1cce9e48241667eb3cfbe7a921ce046b7ecb5475bdb80cfebe3b052ed
26d51505332c23d6cbda9334670d7311bbb034572931905ecd97e7783a15c3db
28068ef87eebe9c924f5f8e6250a2c59138b2577e36882d8dda00396e64cec67
2ba989b208a7903c859caa2de5dc2f0494ad53c009dbd702d16d85acdfef1814
2be8c210b4b838e9c3c2edfc79862ff073cba4de5f7d264e4de8a37b99d6bfed
2cf03dca25f3a556283e514be0ab3efce0d8090d38af6a9734ab654ab331c092
2de1b3470b73f4be2b3b7a14443574c2b3271464f94dda4b0e436b18ca9b8199
2e74daf40163bd7bbf26e1b300b1f54b86bff72c8548d30ed15e0b2d451e2219
2f8912678023c2f730381146bca1b17cd0e25188f9e0b0d5c0ec295af8fde10c
33b7c433f65ac33d32d9f4a5523ef378169f1b9dad979c2675c5454afce9f927
3817619e2a46a6f62139c9606e355ea3a373a21fce9c43a5e07d3d0feb93a1a1
3c243908944a0f18316cb6db93781ec3c9d6539d7ab9a6cae2bb209481ee328f
3cdac406810c04b22ec751ce50f5ccd9945eeea098477d9b042fd89b5c1586ad
40ba031025233614d0bc5639e2635687a2f1984c509fc7e284b982a18b5a6cd6
41c956b95a4836da6e7a778b695294b4652d78f7dd857054d2ecfb0b04345eaf
443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74
45cf2356bd857d1d7bc344ec75434f5946f98fc9192dcf9343087d6635cbfd0f
467dfd94d2f3fc07b180873e78455d838d0a66763625bafee9c14a34968bdbdb
46b5e5251724cd6aad0a7dc21529b2a774318d07e4093c3aa275cc5d8fb03577
486c7f69fc8639c75af0238fef542b871f111c8a59db08eed57d0a150cff14eb
4da8ba784468aafc9253e469bfc65bcb24b563a4955eece94323f705a6027d5e
4e40bf4d94b62a21afd36d81778aec9a4c82e7e7644a2096a233b943dbc904b6
4e7bdec884dcc94de26fe95a6e32c0f5fd78a1c8f7aab28e10e9d7196affad29
4f76a885e486264f84e5c83b8f24e0b5fc822ebc3787ec20347def2f1ae45ebf
4f90d2423d235c4b51d3aeac1da6904d23822faa8eca29fa90d3d643a3a0abc9
5180491ba74eee59c3454fc581cfbd1149c61bfb58adc812f15d3d27cdfe4a77
51ffc83ed743ac83bbaa31ff70205a8c8005e18fd33b181753a1589d162fa516
54d35c34474b113b601024629d9b86b206e3c4a307b8addf53728625d072a9ec
54d5a65ad73975ba4f32c410f6448a25ef4d35c801cc9ece1e856ff2569ca71e
5877236ed7ea15230f0938211a9932cc1f162174dcd062a8a51c5380c9bf2159
5b62c15b0da5717911b2458b57a4f22606dd342c9e59bd8e5088227c71454d5b
5b6df3ac6c57975998138d7bfe2107380cc47a5d1690af2aaac3f9556800b6c7
5ed737490389c29e2a51e0b5c8321698c03c584f3f8c14fbc7f4f4bed5f4e3a7
5f0fe4ca9d6ec49295faacf253b8ba7b557f83858d60db08574a00c3fee022c4
62319feb1bff066c27ee91e5b188c9a09e2c04c4cf6c6bb98e61fd3d5eb97d7f
640dd9158050a1617c14fa231fa5efa2833b3e6639ca287064a414ffadd952e3
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f
654b97dc096fd24d3d07e7ce5b8d67299a64d9837cc8ae2b037966931b3e34d1
66e7d65d69f3c8ea0947108600acc2b62774353673699372661aabd4e2e0ec70
66ff8545e04acad1b0dc73ba3d0d655772b69a9e94b5d2d3b998cc2e02e064c4
67a471e4b126ada1249691a291ca3fa8637fe961364b1d2153c8a46ebef65ffc
6b3fef1e01af6453f7f9ab1e433e34520a2dcb06798e24b6e9881319c3c42f88
6cffdcb0572cd690f6aba8298d5e4dd424023e2221d154e9b8db488c31e26dda
6da758e3d74a0c2669f17f1fad822e1f2e6a2bc21c63ccad9c0b348c963caa82
6dfb24e850f09de9e9d7575d093c1a11145a97b6fb251b0fc92352b876849910
6e4c252f37de5f0646b8e268c231755c1851b3447252c8d179b5c3eb80f4c4de
73a51959b97b95d9ca1d037b0df0ae474e0a4180721ea16c6e5f07984ba7dcc7
73d2de38c926993924a4df0afd4ec669364162bc69b0d02601096fddf4447340
73e86f6f90ec4a36ad62f753aed1b5e8f8de79184938098eff4ea04cc98025ee
7691c760a58fe672e9848ad70e7280a74e8d959732af304fd8410bc6e1819d0d
7c3152dc5b90a96056e64dfbd04f3bfb026a40d62d607ae8d3ff6954b9a1c811
7c574997362eed2381b9f865be5929d3f9148d43d0793ac7ced4919b85c3571f
7eb3312632f3a353695d27113d7a2a8efed3435d55f8e5d5314681be05b97ff4
82652d7c960154911d332d6fad28ffc6f33abc5412267a1d831278e00769bd11
862cc20c79fde76b86295d712d9aede6ce525c61cbc3ccc76e0b9848575c39f0
871bed6c5bdb183c7b63b651705a7896ccbca789e96b6793c4a170a669f4eadb
8795c9f48de1b79d8d9f5742c069a99a064492e45657cd02e00cc028680ed10b
88ca2a80f09237547350197e2027844849b74bbc085cb7abf4122ed169affafb
89617356abc5c91c785860fd6fb55b6c924cee4e07abd306e554b69c558bf268
8f34a992a8736e14af2d7934116f99c4dee509040aafd44961bd3197c48feb5c
8fc58a8e281eb5e7c778968a5dcffde546dfca1235da92cd7447ae43864bd911
9081b50da67ceee980939e11d4b018e60ac4757d69cd560a1534bd0f2b7ca340
90bbc7bfa7153c47da70a524c83aeeae78cf804215b177c2e042d63a664e193d
91e20d9c93d66985452931d6138f0e50d078f5fa7c9203af11c9f79aadf8eaa1
9364f0149d08c8ed0c02ca2aa7ca3421ff64e6213523572d3b4aedc54e95af47
98dcf87980d129e65b3fcd436a011a7be9f3f93055fc4e966dbd56eb17bfe83c
997463458de0a1215fdf337af9e81ebfe21cdb76a8fca63225c05e4adff8452e
99ba0606d1cac7785602224bdba262476e558ebf70630f7b2a48b3ede8e988d8
9b0e3b7118d9987303555e13b466c6ef4c9980792c3f1dd11a01d93263da9cd0
9daa4015cdaec2387671c536ac2cee3900bb8fc3a6e521df630b935b9bc44597
9e235476c330a1cff3c4561372c891824d52b048b0000659bd5bae6946e15b42
a0560479ee423ae437f5e372095ef7758a19fb96cfa1cae174f61be2130fc70f
a12ddbdebf10c28fa7589836bd7b44d726a5917c56dda889c01054062a887e2e
a16f2a8d577edfd919aab638dac793609d659a36686a9c2a35cc65b6aad0cb62
a4bee8963657cfaf309e2ad49c345aede99a174089b68188a5a1e97124aa3925
a58e217f9eebc62d03ac5381ac02248d419b3c201fdb4de2c2e2b8bd28d97713
ac81418c14fa8e57fd2dce00f93b466e39fbf8f3dbfb4380b4f12fde657d930a
adbe9fbbaf438d807ef45f5a9b033380601146ec68a338cab7e7707ac16377ae
ae33a5398f53225169d5a9a04e65a4fec0786488b60daae02467ee4ec8a8ad7e
b07a154fb0b5962d324eebf8f7de5ca43660d7747f7b07ad2e93127e96137441
b0d59e374a4e372fb4bf76b0a6f58b78865c186dffcb6c08d7a040e2f81f0123
b35d3f81ee048cc98f2e005fb16052ac49a0bc0f9e41d03f680b91aa4131769e
b3f2bfecec08801e9c93dacb85763b750854e24998306434e7381ea2c5549a16
b6267eec84b2efe1ffb342c6a20d953793a9842e405347fd7a599088d047ac42
b6b15bbee66c83ab38bfc7731e123a639baef65987b13af03914a8b39825be8f
bb35399222ac05ee1331cae9ce0c8d9156b2f630f2b63f8d3dae19375c916f1d
bdaf09e3859577eee6f7d2b1910874289ed3e6894d60990c1c822361caca10d1
c6fce9c3876a4d36811fb8d1e82e7f2061ee9f805bb93855df2f6e29ab36b3a1
cf4d56c9a2f1d42651155135b70bc44cd436515468eea7175d4c92a444358cb5
d60f0706f9ee15e0c1a0dff23897a31bb3acbf2ad895678c84ba9b8eceb5c86e
d67f636a417e99fabe27fbd3510ccf652124bdee4bde1b95550b5a1948ab8656
dc1979adbb5fcb8d71ad0a0808168555de5132eba802f5f0bf1b0bb3fbbde626
dc7421b4882735baa928e6c5d6741dfb819de6204dd89f97e4b5068416eb29ce
dcde0aa43386104265e30aa734a2f7afc188bae7b872beaac115ba1f4a3fd3a4
dd1d878a8c74cdeb0d8362239d40873d24691d94f37b454cf1d24d56b80a476e
dd71f2ab678d9dd0506b582fc402ce0a2f0d4f8bd4bad4577a9303c34c25d69d
dff76c0495d9c6f9e3afa4770ff9236cbeca7374091040c0ea183226d4ef19a8
e10d70868b94e757b0e43a57fed07b7e0c951843898d511dcf667e65c434dc8d
e1357500228e5292166a8e0fcd9a5ee8787a803baac990480a5283572923f79d
e14b21c85ceb9420bd090c89f70673c9fdd0d25035691f696507b0bd2dc5c05d
e19c5496d1a34ec9f2d543045895cee90a43abc56be8dd3e1c884c138524dfdf
e1b8a7e3ce853ba8adba66089a771c909fe54e5d298e7fe28fc4a82adfa75812
e2d411e7069b1c5decf12f3980d1c51d875a492da05df4fc972ed6d6f924547d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44a4d2ffac566a24f2b65b52e2d486419288dd07197320fdc9b0620a000d125
e4d88741e861b7ba4db2fa76d8a8af99800f8e5016e4e5bbdfb70c15abfaa5df
e558883a13ad13100a3df0b0dc86a58a84c5d6636c8701bd08944cfa713b3038
e59a6120cf307a7a6132078aeca04fe018d071237d30d39054872a049b9a12d1
ea1f34066ab6f431fd7b9c1e59a9d68cf018f136c2308157d44fd23699d90746
eb3dbfba8a4717a00537b58c42f7055a9ddfc38ba6e89d1829ca5caed793fc51
ebb177231b3a6f3fe5576e094afb967a16840dec1415ed1517c2a3a07cdff548
ec186477005b18738d87dc7bd289915d1902d88954cc202c28affc64e4a17637
ece06f0c16a254f73ebcb97bff06c8f122c50c4bd73040435c09f68588c732d7
eed9b7322dbd260bfcbc77c5d59608ee574cfb899571e8c767aabf5b60e85cdb
ef579426bc061fd2a183514d27fb9bbf3b469b96a0ca5a96bc1cbc1a9238555c
eff1e249de193e593201e73e4958d0594251a14940529bdb81419dfda23adb63
f120da68f6e278be110dfa857b347c990d2e55693fea37b45e5a082a0ff1bb79
f232709d4c0a7c80f98545926cb85764b471649f9d5a8f71a4a05d5e84be9c11
faec5735766a9ce6912b66740f05caf9a0eb7d34d65a82be83a286748e3a419a
fe0fb6914b9f2bc7e788da2bacb7c71b8a2245e938cf11fb46b2dccca17ac677

id.css.ch Open in urlscan Pro 194.209.96.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

157 Requests

99 %HTTPS

38 %IPv6

6 Domains

8 Subdomains

8 IPs

5 Countries

3029 kBTransfer

5103 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

id.css.ch Open in urlscan Pro
194.209.96.18 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

99 %
HTTPS

38 %
IPv6

6
Domains

8
Subdomains

8
IPs

5
Countries

3029 kB
Transfer

5103 kB
Size

7
Cookies

157 HTTP transactions
0 data transactions