www.bancastato.ch Open in urlscan Pro
217.26.33.87 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bancastato.ch/
Submission: On July 30 via automatic, source certstream-suspicious (July 30th 2024, 10:12:10 am UTC) — Scanned from CH

Summary HTTP 55 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 55 HTTP transactions. The main IP is 217.26.33.87, located in Switzerland and belongs to BSOURCE-AS, CH. The main domain is www.bancastato.ch.
TLS certificate: Issued by Thawte EV RSA CA G2 on January 18th 2024. Valid for: a year.

This is the only time www.bancastato.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	217.26.33.87 217.26.33.87	197312 (BSOURCE-AS) (BSOURCE-AS)
1 7	217.26.33.63 217.26.33.63	197312 (BSOURCE-AS) (BSOURCE-AS)
13	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
55	5

34 217.26.33.87 (Switzerland)

ASN197312 (BSOURCE-AS, CH)

www.bancastato.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prd-analytics.bancastato.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 217.26.33.63 (Switzerland) 1 redirects

ASN197312 (BSOURCE-AS, CH)

www.inlinea.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	bancastato.ch www.bancastato.ch prd-analytics.bancastato.ch	3 MB
13	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	185 KB
7	inlinea.ch 1 redirects www.inlinea.ch	787 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1019	304 B
55	4

	Domain	Requested by
33	www.bancastato.ch	www.bancastato.ch
13	cdn.cookielaw.org	www.bancastato.ch cdn.cookielaw.org
7	www.inlinea.ch	1 redirects www.bancastato.ch www.inlinea.ch
1	geolocation.onetrust.com	cdn.cookielaw.org
1	prd-analytics.bancastato.ch	www.bancastato.ch
55	5

This site contains links to these domains. Also see Links.

Domain
www.inlinea.ch
www.instagram.com
www.facebook.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.bancastato.ch Thawte EV RSA CA G2	`2024-01-18` - `2025-02-17`	a year	crt.sh
www.inlinea.ch Thawte EV RSA CA G2	`2024-02-05` - `2025-03-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
prd-analytics.bancastato.ch Thawte RSA CA 2018	`2024-06-06` - `2025-06-16`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.bancastato.ch/
Frame ID: 6B8499AF6AB4D0BAFB364E0E47E5BC32
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Homepage | www.bancastato.ch

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

3815 kB
Transfer

5537 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.inlinea.ch/auth-avaloq/login
Title: E-banking

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bancastato/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bancastatoeventi/

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.inlinea.ch/unblu/js-api/v2/visitor/visitor-api.min.js HTTP 302
https://www.inlinea.ch/unblu/static/js-api/xmd1718866463237/v2/visitor-js-api.min.js

Request Chain 36

https://prd-analytics.bancastato.ch/matomo.php?action_name=Homepage%20%7C%20www.bancastato.ch&idsite=1&rec=1&r=515002&h=12&m=12&s=4&url=https%3A%2F%2Fwww.bancastato.ch%2F&_id=e7d09ce2a8d3ace4&_idts=1722334324&_idvc=1&_idn=0&_refts=0&_viewts=1722334324&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=590&pv_id=4vNj2Z HTTP 303
https://prd-analytics.bancastato.ch/error_path/400.html?al_req_id=Zqi8dGn6RUrHjQu_-3uyOAAAAMY

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.bancastato.ch/ 101 KB
104 KB 703ms
322ms Document
text/html 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

fb035c043b6c05a56ca036429a63536a32c81e25892eb96a6d7279b4fd7057ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=600, public
Connection: Keep-Alive
Content-Length: 103269
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Type: text/html;charset=UTF-8
Date: Tue, 30 Jul 2024 10:12:01 GMT
Expires: Tue, 30 Jul 2024 10:22:01 GMT
Keep-Alive: timeout=10, max=500
Last-Modified: Tue, 30 Jul 2024 09:29:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Magnolia-Registration: Registered
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK all.min~2024-03-25-10-46-40-000~cache.css
www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/ 725 KB
98 KB 66ms
57ms Stylesheet
text/css 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

a08dc4a032a37d5a242a110e0ee7f6c06e64ddcb60b2042453a2fdfd47af5778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:01 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=10, max=499
Expires: Wed, 30 Jul 2025 10:12:01 GMT

GET
H/1.1 200
OK style-integration~2024-03-25-10-46-40-000~cache.css
www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/ 5 KB
4 KB 207ms
112ms Stylesheet
text/css 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/style-integration~2024-03-25-10-46-40-000~cache.css

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

ef83cb697d53e094cd0240d15be9e29e81557c8d4c9c212f1c2acc4cc2ca1ac8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:01 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=10, max=500
Expires: Wed, 30 Jul 2025 10:12:01 GMT

GET
H/1.1 200
OK jquery-3.7.1.min~2024-02-22-09-44-26-000~cache.js Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/ 85 KB
32 KB 274ms
61ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/jquery-3.7.1.min~2024-02-22-09-44-26-000~cache.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7aa6b0e08f48a0f95d8df7ea89e4cbfe1ef3d1e8c0f7373f7f25edfb4e4a325e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:01 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 22 Feb 2024 09:44:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=10, max=500
Expires: Wed, 30 Jul 2025 10:12:01 GMT

GET
H/1.1 200
OK visitor.js Show response
www.inlinea.ch/unblu/ 2 KB
4 KB 596ms
156ms Script
application/javascript 217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/visitor.js?x-unblu-apikey=0PB5EOF5RnKfbCrL8wtEgw

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

eba4de8674d27afe48ad105aa0fa15414dac7f5b198187e2e5c3a36fc9fbff4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
Server: Apache
x-unblu-start-time: 1718866463237
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
cache-control: no-cache, no-store, must-revalidate, max-age=1
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
X-XSS-Protection: 1; mode=block
expires: Mon, 29 Jul 2024 10:12:02 GMT

GET
H/1.1

200
OK

visitor-js-api.min.js Show response
www.inlinea.ch/unblu/static/js-api/xmd1718866463237/v2/
Redirect Chain

https://www.inlinea.ch/unblu/js-api/v2/visitor/visitor-api.min.js
https://www.inlinea.ch/unblu/static/js-api/xmd1718866463237/v2/visitor-js-api.min.js

32 KB
34 KB

35ms
34ms

Script
application/javascript

217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/static/js-api/xmd1718866463237/v2/visitor-js-api.min.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

3ca390e599307e3d3c40ce26738c025d3363f9956d18918de74b29ae5d33903d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
Connection: Keep-Alive
Content-Length: 32916
X-XSS-Protection: 1; mode=block
last-modified: Wed, 20 Apr 2022 16:22:50 GMT
Server: Apache
vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
cache-control: max-age=315532800,public
accept-ranges: bytes
Keep-Alive: timeout=10, max=499
expires: Wed, 21 Jun 2034 13:32:48 GMT

Redirect headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
Server: Apache
x-unblu-start-time: 1718866463237
X-Frame-Options: SAMEORIGIN
location: https://www.inlinea.ch/unblu/static/js-api/xmd1718866463237/v2/visitor-js-api.min.js
cache-control: max-age=60,public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
Content-Length: 0
X-XSS-Protection: 1; mode=block
expires: Tue, 30 Jul 2024 10:13:02 GMT

GET
H/1.1 200
OK polyfill.min.js Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/ 3 KB
4 KB 274ms
62ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/polyfill.min.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

9230df14164558edda90752e80110204d9ce145fbea632d969493e54ab333a70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:01 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 22 Feb 2024 09:44:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=3600, public
Keep-Alive: timeout=10, max=500
Expires: Tue, 30 Jul 2024 11:12:02 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/ 5 KB
2 KB 321ms
51ms Script
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/OtAutoBlock.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d870a2be4ceb379e084ef102f1b57e01d5026bdaa6549fcd9d5000cc2f975d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1292
content-md5: vdgMJgSLVxTmtfmGVwJ8rQ==
content-length: 1837
x-ms-lease-status: unlocked
last-modified: Tue, 04 Jun 2024 19:35:46 GMT
server: cloudflare
etag: 0x8DC84CD87F86FE5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 860d0d5a-101e-001f-50b6-b69a79000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ab49168cf9cb8a0-AMS
expires: Wed, 31 Jul 2024 10:12:02 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 321ms
51ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PzcU3Ivp6w0l3AsetHXgNw==
age: 67010
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jul 2024 02:02:45 GMT
server: cloudflare
etag: 0x8DCAB84B60D1366
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6862c737-101e-0013-2efa-dda66b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ab49168cf96b8a0-AMS
expires: Tue, 30 Jul 2024 15:35:12 GMT

GET
H/1.1 200
OK logo-bancastato.svg
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/ 6 KB
5 KB 284ms
74ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/logo-bancastato.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7e13c30013899b6784ab280bdb537a991a0d97a7f5da27c1bc5c8d8f300cc586

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=3600, public
Keep-Alive: timeout=10, max=500
Expires: Tue, 30 Jul 2024 11:12:02 GMT

GET
H/1.1 200
OK portafoglioMIO6Home.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/portafoglioMIO6Home.jpg/jcr:content/ 462 KB
465 KB 290ms
81ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/portafoglioMIO6Home.jpg/jcr:content/portafoglioMIO6Home.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

37d6df443d9944087f65178d813550ec6c29d7dba1e899bfe37a67daf5c28aad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Tue, 30 Jul 2024 09:29:26 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
Content-Length: 473592
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK Pacchetti1920x704px.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/Pacchetti1920x704px.jpg/jcr:content/ 1 MB
1 MB 109ms
100ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/Pacchetti1920x704px.jpg/jcr:content/Pacchetti1920x704px.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

8dea63df662b256f541b207be4e598aa7c28604f310aa5db11d8618c9c61cc34

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=499
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK homepageDicembre2023.jpg
www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/homepageDicembre2023.jpg/jcr:content/ 141 KB
144 KB 113ms
112ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.imaging/mte/site-bancastato/1920x704/dam/site-bancastato/Immagini/homepageDicembre2023.jpg/jcr:content/homepageDicembre2023.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

fe2ee45b2e865d648dd94b3cb200d24cf31846741102d9384277daf326232f9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Tue, 30 Jul 2024 09:29:26 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
Content-Length: 144396
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK ristrutturare_casa_icon.svg
www.bancastato.ch/dam/jcr:c348aa0c-eb45-4984-8c25-a1219d83d142/ 2 KB
4 KB 40ms
38ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:c348aa0c-eb45-4984-8c25-a1219d83d142/ristrutturare_casa_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

6fe53b4d34110d4b8591196abda67dbb539b594613f352bc9aab10b55cf3c016

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=499
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK comprare_casa_icon.svg
www.bancastato.ch/dam/jcr:f9dd45d2-86f5-42c6-9dce-cde737b6da18/ 3 KB
4 KB 38ms
36ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:f9dd45d2-86f5-42c6-9dce-cde737b6da18/comprare_casa_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

49f7cd749db705c8a8d211cd8a4eef6e9d2f892fa41e419cd872d80071566c91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=499
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK vita_sostenibile.svg
www.bancastato.ch/dam/jcr:eab26f6f-e692-4bd6-8d20-9f6dc021cf6e/ 3 KB
4 KB 79ms
76ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:eab26f6f-e692-4bd6-8d20-9f6dc021cf6e/vita_sostenibile.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

eda9e9de8160614499326480a28c0697dd04021d3c4ac63fe5736f0dc9b12761

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:13 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=498
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK budget_famiglia_icon.svg
www.bancastato.ch/dam/jcr:76749703-57ab-47c4-bded-27f9a6dd5fe5/ 4 KB
4 KB 76ms
72ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:76749703-57ab-47c4-bded-27f9a6dd5fe5/budget_famiglia_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

10eae1e0c8623ca5379a5e9e06012355bab8d235e39813d94e03a50bf8c075dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=498
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK situazione_finanziaria_icon.svg
www.bancastato.ch/dam/jcr:1729657f-2098-40dc-9e7b-f0cf97629ec8/ 7 KB
5 KB 38ms
37ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:1729657f-2098-40dc-9e7b-f0cf97629ec8/situazione_finanziaria_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

f733ec258245b619fe5ea835141e8bee2e0b09e9e5de27fab7823fa97d71e4bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=497
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK successione_icon.svg
www.bancastato.ch/dam/jcr:c7dfef96-2d51-40fb-a41d-277c00c6f858/ 3 KB
4 KB 46ms
46ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:c7dfef96-2d51-40fb-a41d-277c00c6f858/successione_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7f7ff0ab36975126c2daa004e333a3f5854b59a80d9c437847f47d1079e6dc1b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:13 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=497
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK attivita_propria_icon.svg
www.bancastato.ch/dam/jcr:5cf1ac18-62a8-44a4-a35e-032b525e8058/ 9 KB
6 KB 134ms
134ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:5cf1ac18-62a8-44a4-a35e-032b525e8058/attivita_propria_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

2e85693143ed79c585888f5763d4b0c848b365a3a5c6d3e6b4b025f3e1bd5dc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=499
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK pensione_icon.svg
www.bancastato.ch/dam/jcr:3e750877-907b-418d-9912-b0733463ca62/ 11 KB
6 KB 141ms
140ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:3e750877-907b-418d-9912-b0733463ca62/pensione_icon.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

1e19bb616cbb7296fcd63fb3ca0fd2feb036c75672819ba3485f96de052b2918

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Thu, 28 Mar 2024 17:12:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=496
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK mandato-pubblico-garanziaStato.jpg
www.bancastato.ch/dam/jcr:6661634e-0ccf-4c32-9d3e-8cce6d99acb5/ 69 KB
72 KB 99ms
98ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:6661634e-0ccf-4c32-9d3e-8cce6d99acb5/mandato-pubblico-garanziaStato.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

902274bd47aefaa6d5445e26545afb9beb51be3235ba4328d0c03061a23d9ff8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Disposition: attachment; filename="mandato-pubblico-garanziaStato.jpg"
Connection: Keep-Alive
Content-Length: 71164
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 22 Jul 2019 08:44:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=496
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK Pagina%20eventi%20635x554-02.jpg
www.bancastato.ch/dam/jcr:3aecbba4-7152-4395-9b39-3efce885577a/ 144 KB
146 KB 41ms
41ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:3aecbba4-7152-4395-9b39-3efce885577a/Pagina%20eventi%20635x554-02.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

cc45ca4ae13e6ad389e97d0e27c166830d4670ba81a3e5240caa8df9e24ae102

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Disposition: attachment; filename="Pagina eventi 635x554-02.jpg"
Connection: Keep-Alive
Content-Length: 147125
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Tue, 25 Apr 2023 13:54:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=497
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK TiHome.jpg
www.bancastato.ch/dam/jcr:48260176-d42f-4f32-b1a7-1a1ac7a0e620/ 76 KB
79 KB 41ms
41ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:48260176-d42f-4f32-b1a7-1a1ac7a0e620/TiHome.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

22af2cb27167705fe5fb843dc6f737bdae9be8751437754e5145c2d87ba05dd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Disposition: attachment; filename="TiHome.jpg"
Connection: Keep-Alive
Content-Length: 77860
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 22 Jul 2019 08:44:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=497
Expires: Tue, 30 Jul 2024 10:22:02 GMT

GET
H/1.1 200
OK logo-bancastato-white.svg
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/ 6 KB
5 KB 102ms
102ms Image
image/svg+xml 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/logo-bancastato-white.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

0166fcc93e70f0cc0d0e262b6d0bce75d7b0308062206192d6ff502f97401812

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: max-age=3600, public
Keep-Alive: timeout=10, max=497
Expires: Tue, 30 Jul 2024 11:12:02 GMT

GET
H/1.1 200
OK all.min~2024-03-25-10-46-40-000~cache.js Show response
www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/ 813 KB
194 KB 42ms
40ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/all.min~2024-03-25-10-46-40-000~cache.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

71a95f3047ec8c8ac3bbef725137ea93d9ea71d42b0a53fe434ee6e9c023bed7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=31536000, public
Keep-Alive: timeout=10, max=499
Expires: Wed, 30 Jul 2025 10:12:02 GMT

GET
H/1.1 200
OK matomo.js Show response
prd-analytics.bancastato.ch/ 66 KB
66 KB 479ms
40ms Script
application/javascript 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://prd-analytics.bancastato.ch/matomo.js

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Last-Modified: Thu, 21 Mar 2019 07:50:00 GMT
Server: Apache
ETag: "106ad-58495fc36da00"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Content-Length: 67245
X-XSS-Protection: 1; mode=block

GET
H2 200 49cf5428-5c54-406c-8ffe-2673ecccc5b4.json Show response
cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/ 4 KB
2 KB 181ms
50ms XHR
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/49cf5428-5c54-406c-8ffe-2673ecccc5b4.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

957d68464677b3a702883dec0257a3d1e7e87e18cb0355b1c370c7c67ef5d214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11041
content-md5: cmFqkt4xrqLbuphuA/bHLw==
content-length: 1687
x-ms-lease-status: unlocked
last-modified: Tue, 04 Jun 2024 19:35:43 GMT
server: cloudflare
etag: 0x8DC84CD8631D4B9
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1ce0326f-401e-006a-63b6-b61dc2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ab4916bb83265f2-AMS
expires: Wed, 31 Jul 2024 10:12:02 GMT

GET
H/1.1 200
OK FuturaBT-Medium.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 49 KB
51 KB 190ms
35ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/FuturaBT-Medium.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

9473418c10073c7b3f3f3f7bfe6bc3f640e3a091ebc4c39cd6f44420011b5912

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
Content-Length: 50014
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 11:12:02 GMT

GET
H/1.1 200
OK icomoon.ttf
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 57 KB
60 KB 137ms
39ms Font
application/x-font-ttf 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/icomoon.ttf?mil9qe

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

6aaea2e4447f9c01aa39e247f2c3a8b723e58c6895c751254401cf667853af6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/x-font-ttf;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=495
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 11:12:02 GMT

GET
H/1.1 200
OK roboto-medium-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 19 KB
22 KB 146ms
34ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-medium-webfont.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

6e858a5202e480d17bbc81eacc216943fb9c7eea727263e08f30cb5cc468bec8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
Content-Length: 19716
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 11:12:02 GMT

GET
H/1.1 200
OK FuturaBT-Bold.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 50 KB
53 KB 157ms
44ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/FuturaBT-Bold.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

11ebc0e2ec3e972f3bcecd1aa31e3a6167654dc76b0f8d93c2069712175eddeb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
Content-Length: 51680
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 11:12:02 GMT

GET
H/1.1 200
OK roboto-bold-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 19 KB
22 KB 195ms
36ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-bold-webfont.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

a60fca9f3aad41fafcd49e04e9ae88519efece6aa485de11c418a6c034f06b0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=495
Content-Length: 19872
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 11:12:02 GMT

GET
H/1.1 200
OK roboto-regular-webfont.woff2
www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/ 19 KB
22 KB 204ms
33ms Font
application/font-woff2 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/fonts/roboto-regular-webfont.woff2

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

0fea4ae61a79845e734c5df1c00ea48b1c35cda64f9abf9cab2642d381cb1040

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/css/all.min~2024-03-25-10-46-40-000~cache.css
Origin: https://www.bancastato.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:02 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=497
Content-Length: 19652
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 11:12:02 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 67 B
304 B 294ms
60ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e91e62490f19fae2907ddbfae2a95990ca18631d5386fa9de60311dd777ae4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 10:12:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8ab4916f28b4b78a-AMS
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK Barra-bilancioSocialeAmbientale.jpg
www.bancastato.ch/dam/jcr:89549bf8-5a61-4e6f-b660-af5ee0e38b77/ 120 KB
123 KB 44ms
43ms Image
image/jpeg 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancastato.ch/dam/jcr:89549bf8-5a61-4e6f-b660-af5ee0e38b77/Barra-bilancioSocialeAmbientale.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

465b2c629f5df9e676ab35968ddf7fde988646e1b0b0dfa5ae8fb83600946d7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:03 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Disposition: attachment; filename="Barra-bilancioSocialeAmbientale.jpg"
Connection: Keep-Alive
Content-Length: 123016
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Last-Modified: Mon, 22 Jul 2019 08:44:50 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=496
Expires: Tue, 30 Jul 2024 10:22:03 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/ 451 KB
110 KB 84ms
43ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ryx3T13YxV6i1yEKSnAPIA==
age: 42773
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 112015
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:10:45 GMT
server: cloudflare
etag: 0x8DCA5E423ECD5E2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e7be4edf-401e-0088-15ce-d72b53000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ab49174efa3b8a0-AMS

GET

400.html
prd-analytics.bancastato.ch/error_path/
Redirect Chain

https://prd-analytics.bancastato.ch/matomo.php?action_name=Homepage%20%7C%20www.bancastato.ch&idsite=1&rec=1&r=515002&h=12&m=12&s=4&url=https%3A%2F%2Fwww.bancastato.ch%2F&_id=e7d09ce2a8d3ace4&_idts...
https://prd-analytics.bancastato.ch/error_path/400.html?al_req_id=Zqi8dGn6RUrHjQu_-3uyOAAAAMY

0
0

GET
H/1.1 200
OK Initializer.js Show response
www.inlinea.ch/unblu/static/js/wp/xmd1718866463237/ 7 KB
8 KB 51ms
50ms Script
application/javascript 217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/static/js/wp/xmd1718866463237/Initializer.js

Requested by

Host: www.inlinea.ch
URL: https://www.inlinea.ch/unblu/visitor.js?x-unblu-apikey=0PB5EOF5RnKfbCrL8wtEgw

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

a4873963778e4f551c75d423b30652504b25cafa358b5e8c794183c43898fc6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:04 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
Connection: Keep-Alive
Content-Length: 7111
X-XSS-Protection: 1; mode=block
last-modified: Wed, 20 Apr 2022 16:21:22 GMT
Server: Apache
vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
cache-control: max-age=315532800,public
accept-ranges: bytes
Keep-Alive: timeout=10, max=499
expires: Wed, 21 Jun 2034 13:32:48 GMT

GET
H/1.1 200
OK IPCheckServlet Show response
www.bancastato.ch/ 133 B
3 KB 105ms
104ms XHR
text/html 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/IPCheckServlet?skp=t

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/js/vendor/jquery-3.7.1.min~2024-02-22-09-44-26-000~cache.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

ac95c581730ee3e2f28c7794e704e3637c5fe3b3b1a8f38c2d93a6c3176207cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bancastato.ch/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:04 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
X-Magnolia-Registration: Registered
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=600, public
Keep-Alive: timeout=10, max=495
Expires: Tue, 30 Jul 2024 10:22:04 GMT

GET
H2 200 it.json Show response
cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/8fe93efa-3bef-4db9-9778-25d301ef2761/ 36 KB
10 KB 65ms
54ms Fetch
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/49cf5428-5c54-406c-8ffe-2673ecccc5b4/8fe93efa-3bef-4db9-9778-25d301ef2761/it.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55bca64511ff5fc5605d68b9236b19473e2781b4b4bcd6c4c77f0964225bc8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 76767
content-md5: 9pO2dAOJ4adTlrqtA/UjZw==
content-length: 9618
x-ms-lease-status: unlocked
last-modified: Tue, 04 Jun 2024 19:35:43 GMT
server: cloudflare
etag: 0x8DC84CD86611B36
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 42897ee1-901e-00af-04b6-b663f9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ab49176ec8765f2-AMS
expires: Wed, 31 Jul 2024 10:12:04 GMT

GET
H/1.1 200
OK SiteIntegrationLazyMain.cfg Show response
www.inlinea.ch/unblu/config/xmd1722330750064/all/it/null/de-CH/https$www.bancastato.ch/0PB5EOF5RnKfbCrL8wtEgw/null/null/null/ 14 KB
16 KB 60ms
60ms Script
application/javascript 217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/config/xmd1722330750064/all/it/null/de-CH/https$www.bancastato.ch/0PB5EOF5RnKfbCrL8wtEgw/null/null/null/SiteIntegrationLazyMain.cfg

Requested by

Host: www.inlinea.ch
URL: https://www.inlinea.ch/unblu/static/js/wp/xmd1718866463237/Initializer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

62386d8a8273031b38e78554c43a8aed04537629db132c6d1c7bdd51822a4988

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:04 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
last-modified: Thu, 20 Jun 2024 06:54:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
cache-control: max-age=315532800,private
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
Content-Length: 14838
X-XSS-Protection: 1; mode=block
expires: Sun, 30 Jul 2034 10:12:04 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/ 9 KB
3 KB 61ms
60ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1bc0b181617d553a69d6c20ada9495d7a8efe04ca9f098c965ec0758ba7a114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mPFWl2a3UR06DZ1cx/YBSQ==
age: 5706
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2612
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:10:38 GMT
server: cloudflare
etag: 0x8DCA5E42003D45E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3f8cc74a-f01e-007f-1030-d80db8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ab491784eb965f2-AMS

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/v2/ 64 KB
13 KB 61ms
61ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b902de98789f621b2a85e196609dccbc69b3ba95d62449f84e10678afa936a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: F89SIY0y7Va2rz8KFP5J+w==
age: 11042
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12881
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:10:40 GMT
server: cloudflare
etag: 0x8DCA5E420FA3EBA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4448d629-a01e-00e4-3d10-d88080000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ab491784ebb65f2-AMS

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/ 5 KB
2 KB 60ms
59ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +BxwAmz732dCCQR+FDw04A==
age: 80283
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1738
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:10:39 GMT
server: cloudflare
etag: 0x8DCA5E4209DB9A8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: efe08804-001e-00e2-4b87-d877f8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ab491784ebd65f2-AMS

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202405.2.0/assets/ 24 KB
4 KB 61ms
60ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 9eusssrwoAzVOVsIadvhfQ==
age: 5706
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:10:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 2a3dc5eb-b01e-0078-472c-d8fb3d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8ab491784ebf65f2-AMS

GET
H/1.1 200
OK SiteIntegrationLazyMain.js Show response
www.inlinea.ch/unblu/static/js/wp/xmd1718866463237/ 720 KB
722 KB 100ms
100ms Script
application/javascript 217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/static/js/wp/xmd1718866463237/SiteIntegrationLazyMain.js

Requested by

Host: www.inlinea.ch
URL: https://www.inlinea.ch/unblu/static/js/wp/xmd1718866463237/Initializer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

b4b37801b95c0da035a6222a14b883cee80b755b9566ba73f773181ab11e6733

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:04 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
Connection: Keep-Alive
Content-Length: 737718
X-XSS-Protection: 1; mode=block
last-modified: Wed, 20 Apr 2022 16:21:22 GMT
Server: Apache
vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript;charset=utf-8
cache-control: max-age=315532800,public
accept-ranges: bytes
Keep-Alive: timeout=10, max=497
expires: Wed, 21 Jun 2034 13:32:49 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 48ms
47ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 58606
x-ms-lease-status: unlocked
last-modified: Mon, 29 Jul 2024 02:01:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4be0d33b-301e-0062-3566-e1d452000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8ab4917a3d87b8a0-AMS

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
510 B 55ms
53ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 5706
x-ms-lease-status: unlocked
last-modified: Mon, 29 Jul 2024 02:01:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 78bcdfe9-901e-00ce-2bb4-e1f5c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8ab4917a492e65f2-AMS

GET
H2 200 logo-bancastato.jpg
cdn.cookielaw.org/logos/19903376-321d-48e4-bb04-fdfea1137229/c2303ba0-e6e3-496d-bacd-dd6544c8ebc5/e16f1d0b-fbff-4a55-aa81-4e75fada0566/ 29 KB
29 KB 50ms
43ms Image
image/jpeg 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/19903376-321d-48e4-bb04-fdfea1137229/c2303ba0-e6e3-496d-bacd-dd6544c8ebc5/e16f1d0b-fbff-4a55-aa81-4e75fada0566/logo-bancastato.jpg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81dcc945def619ab8a342b22cfb70f5a93d0d417b79370d3431bfc817404b7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3hKdS1s6mJfSa1LnziVGww==
age: 5706
content-length: 29372
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Wed, 24 May 2023 21:15:33 GMT
server: cloudflare
etag: 0x8DB5C9C03105952
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 1ac74018-301e-0056-0a50-79c86c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8ab4917aadfbb8a0-AMS

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 49ms
42ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.bancastato.ch
URL: https://www.bancastato.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Jul 2024 10:12:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 61045
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jul 2024 02:02:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c8b7fcb5-601e-0035-70fc-dd3ddf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8ab4917aadfdb8a0-AMS

GET
H/1.1 200
OK favicon.ico
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/ 1 KB
4 KB 34ms
34ms Other
image/x-icon 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

b73598b06d5b907f913068d2fcf34161aa1a9ce9ffb6681a912f106c53f94413

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:05 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: image/x-icon;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=494
Content-Length: 1150
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 11:12:05 GMT

GET
H/1.1 200
OK favicon.ico
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/ 1 KB
0 0ms
0ms Other
image/x-icon 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

b73598b06d5b907f913068d2fcf34161aa1a9ce9ffb6681a912f106c53f94413

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:05 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
X-Content-Type-Options: nosniff
X-Magnolia-Registration: Registered
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/x-icon;charset=UTF-8
Cache-Control: max-age=3600, public
Content-Length: 1150
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 11:12:05 GMT

GET
H/1.1 200
OK favicon-32x32.png
www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/ 1 KB
4 KB 38ms
38ms Other
image/png 217.26.33.87
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancastato.ch/.resources/bancastato-templating-light/webresources/img/favicons/favicon-32x32.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.87 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

b20ce379151b1c1a67e47606231c8e4759ee83f10df06aa58cccb99627cbebd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 10:12:05 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.inlinea.ch inlinea.ch *.google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com *.gstatic.com *.browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com *.bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; connect-src 'self' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: *.inlinea.ch inlinea.ch *.htbridge.com *.bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com *.gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' *.inlinea.ch inlinea.ch *.bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com *.cloudfront.net *.onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch *.bancastato.ch https://www.google.com *.cloudfront.net ; child-src 'self' *.inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com *.youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch *.bancastato.ch *.cloudfront.net ; font-src 'self' data: *.inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com *.bancastato.ch *.cloudfront.net
Last-Modified: Mon, 25 Mar 2024 10:46:40 GMT
Server: Apache
X-Magnolia-Registration: Registered
X-Frame-Options: SAMEORIGIN
Content-Type: image/png;charset=UTF-8
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=10, max=493
Content-Length: 1390
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Jul 2024 11:12:05 GMT

POST
H/1.1 200
OK update Show response
www.inlinea.ch/unblu/rpc/visitorTracking/ 286 B
2 KB 57ms
55ms XHR
application/unblu-serialized-object 217.26.33.63
BSOURCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inlinea.ch/unblu/rpc/visitorTracking/update?xvh=x-unblu-client~INITIAL*x-unblu-page~INITIAL*x-unblu-apikey~0PB5EOF5RnKfbCrL8wtEgw*x-unblu-referer~aHR0cHM6Ly93d3cuYmFuY2FzdGF0by5jaC8%253D*x-unblu-locale~it*x-unblu-timezone~Europe%252FZurich*content-type~application%252Funblu-serialized-object

Requested by

Host: www.inlinea.ch
URL: https://www.inlinea.ch/unblu/static/js/wp/xmd1718866463237/SiteIntegrationLazyMain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.26.33.63 , Switzerland, ASN197312 (BSOURCE-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

21b6763d09e089403bdf6a7ac81a90d5994989c880c0a5d4d836eb4e5654c290

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' .opentok.com .tokbox.com wss://.tokbox.com 'unsafe-eval'; connect-src wss: 'self' .opentok.com .tokbox.com wss://.tokbox.com ws: data:;
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/unblu-serialized-object
Referer: https://www.bancastato.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

Date: Tue, 30 Jul 2024 10:12:08 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' ; frame-src 'self' https://prod1s.solutions.webfg.ch/ https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://ebill-portal-xp.paynet.ch/ https://afp-release-ipw.webcenter.contovista.com/ https://www.youtube.com/ https://www.bancastato.ch/ https://bancastato.ch/ blob: ; img-src 'self' https://integra1s.solutions.webfg.ch/ https://www.e-bill.ch/ https://www.ebill.ch/ https://ebill-portal-xp.paynet.ch/ https://one.prep.viseca.ch/ data:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hello.myfonts.net/ https://afp-release-ipw.webcenter.contovista.com/; object-src 'self'; media-src 'self'; script-src 'unsafe-inline' 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com 'unsafe-eval'; connect-src wss: 'self' *.opentok.com *.tokbox.com wss://*.tokbox.com ws: data:;
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
pragma: no-cache
Server: Apache
x-unblu-start-time: 1718866463237
X-Frame-Options: SAMEORIGIN
Content-Type: application/unblu-serialized-object; charset=UTF-8
access-control-allow-origin: https://www.bancastato.ch
access-control-expose-headers: x-unblu-page, x-unblu-client, x-unblu-set-cookie
cache-control: no-cache, no-store, must-revalidate, max-age=1
access-control-allow-credentials: true
Keep-Alive: timeout=10, max=496
expires: Mon, 29 Jul 2024 10:12:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prd-analytics.bancastato.ch
URL: https://prd-analytics.bancastato.ch/error_path/400.html?al_req_id=Zqi8dGn6RUrHjQu_-3uyOAAAAMY

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bancastato.ch/	1969-12-31 23:59:59	Name: AL_SESS-S Value: ATDXDhs_3ttO5tBQympqJ2jrex8t3gpvxflgQOfaoArFtF_IWh0!ZS2Np84o8!uT2kso
prd-analytics.bancastato.ch/	1969-12-31 23:59:59	Name: AL_SESS-S Value: AVxFMSMcY1hLW4zxtFw0k2_nJfznTZOD4EIEzxLIlTwkm3Jstp1S1aJd5vPOm2XnX_be
www.inlinea.ch/	1970-01-21 08:01:34	Name: x-unblu-device Value: $xc/Yq00Otbots0bg5nXQnnpqUl5xl0K!pZ_KjpC!1Q4gT2T0fnS
www.bancastato.ch/	1970-01-21 07:51:29	Name: _pk_id.1.8629 Value: e7d09ce2a8d3ace4.1722334324.1.1722334324.1722334324.
www.bancastato.ch/	1970-01-20 22:25:36	Name: _pk_ses.1.8629 Value: 1
.www.bancastato.ch/	1970-01-21 07:11:10	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Jul+30+2024+12%3A12%3A04+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202405.2.0&browserGpcFlag=0&isIABGlobal=false&landingPath=https%3A%2F%2Fwww.bancastato.ch%2F&groups=C0004%3A0%2CC0003%3A0%2CC0002%3A0%2CC0001%3A1&hosts=H3%3A1%2CH7%3A1%2CH9%3A1%2CH2%3A0&genVendors=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .inlinea.ch inlinea.ch .google-analytics.com google-analytics.com maps.google.com maps.gstatic.com apis.google.com fonts.googleapis.com fonts.gstatic.com maps.googleapis.com portal.htbridge.com csi.gstic.com ssl.gstic.com cse.gstatic.com .gstatic.com .browser-update.org browser-update.org accounts.google.com clients1.google.com www.youtube.com .bancastato.ch www.google.com cse.google.com developers.google.com www.googleapis.com https://code.jquery.com .cloudfront.net .onetrust.com cdn.cookielaw.org; connect-src 'self' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com accounts.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org wss://www.inlinea.ch wss://inlinea.ch; img-src 'self' data: .inlinea.ch inlinea.ch .htbridge.com .bancastato.ch apis.google.com csi.gstatic.com accounts.google.com www.google.com .gstatic.com maps.googleapis.com maps.google.com clients1.google.com maps.googleapis.com developers.google.com www.googleapis.com .cloudfront.net .onetrust.com cdn.cookielaw.org ; style-src 'self' 'unsafe-inline' .inlinea.ch inlinea.ch .bancastato.ch maps.googleapis.com developers.google.com apis.google.com csi.gstatic.com accounts.google.com www.google.com fonts.google.com fonts.googleapis.com cse.google.com .cloudfront.net .onetrust.com cdn.cookielaw.org; frame-ancestors 'self' ; frame-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com cse.google.com www.kantonalbank.ch www.newhome.ch .bancastato.ch https://www.google.com .cloudfront.net ; child-src 'self' .inlinea.ch inlinea.ch apis.google.com maps.googleapis.com developers.google.com .youtube.com accounts.google.com clients1.google.com www.kantonalbank.ch .bancastato.ch .cloudfront.net ; font-src 'self' data: .inlinea.ch inlinea.ch fonts.googleapis.com fonts.google.com fonts.gstatic.com .bancastato.ch .cloudfront.net
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
geolocation.onetrust.com
prd-analytics.bancastato.ch
www.bancastato.ch
www.inlinea.ch
prd-analytics.bancastato.ch
217.26.33.63
217.26.33.87
2606:4700:4400::ac40:9b77
2606:4700::6812:562a
0166fcc93e70f0cc0d0e262b6d0bce75d7b0308062206192d6ff502f97401812
0fea4ae61a79845e734c5df1c00ea48b1c35cda64f9abf9cab2642d381cb1040
10eae1e0c8623ca5379a5e9e06012355bab8d235e39813d94e03a50bf8c075dd
11ebc0e2ec3e972f3bcecd1aa31e3a6167654dc76b0f8d93c2069712175eddeb
1e19bb616cbb7296fcd63fb3ca0fd2feb036c75672819ba3485f96de052b2918
1e91e62490f19fae2907ddbfae2a95990ca18631d5386fa9de60311dd777ae4e
21b6763d09e089403bdf6a7ac81a90d5994989c880c0a5d4d836eb4e5654c290
22af2cb27167705fe5fb843dc6f737bdae9be8751437754e5145c2d87ba05dd0
2e85693143ed79c585888f5763d4b0c848b365a3a5c6d3e6b4b025f3e1bd5dc5
37d6df443d9944087f65178d813550ec6c29d7dba1e899bfe37a67daf5c28aad
3ca390e599307e3d3c40ce26738c025d3363f9956d18918de74b29ae5d33903d
402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a
465b2c629f5df9e676ab35968ddf7fde988646e1b0b0dfa5ae8fb83600946d7b
49f7cd749db705c8a8d211cd8a4eef6e9d2f892fa41e419cd872d80071566c91
55bca64511ff5fc5605d68b9236b19473e2781b4b4bcd6c4c77f0964225bc8ed
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
62386d8a8273031b38e78554c43a8aed04537629db132c6d1c7bdd51822a4988
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6aaea2e4447f9c01aa39e247f2c3a8b723e58c6895c751254401cf667853af6d
6e858a5202e480d17bbc81eacc216943fb9c7eea727263e08f30cb5cc468bec8
6fe53b4d34110d4b8591196abda67dbb539b594613f352bc9aab10b55cf3c016
71a95f3047ec8c8ac3bbef725137ea93d9ea71d42b0a53fe434ee6e9c023bed7
7aa6b0e08f48a0f95d8df7ea89e4cbfe1ef3d1e8c0f7373f7f25edfb4e4a325e
7e13c30013899b6784ab280bdb537a991a0d97a7f5da27c1bc5c8d8f300cc586
7f7ff0ab36975126c2daa004e333a3f5854b59a80d9c437847f47d1079e6dc1b
81dcc945def619ab8a342b22cfb70f5a93d0d417b79370d3431bfc817404b7c6
8dea63df662b256f541b207be4e598aa7c28604f310aa5db11d8618c9c61cc34
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
902274bd47aefaa6d5445e26545afb9beb51be3235ba4328d0c03061a23d9ff8
9230df14164558edda90752e80110204d9ce145fbea632d969493e54ab333a70
9473418c10073c7b3f3f3f7bfe6bc3f640e3a091ebc4c39cd6f44420011b5912
957d68464677b3a702883dec0257a3d1e7e87e18cb0355b1c370c7c67ef5d214
a08dc4a032a37d5a242a110e0ee7f6c06e64ddcb60b2042453a2fdfd47af5778
a4873963778e4f551c75d423b30652504b25cafa358b5e8c794183c43898fc6f
a60fca9f3aad41fafcd49e04e9ae88519efece6aa485de11c418a6c034f06b0c
ac95c581730ee3e2f28c7794e704e3637c5fe3b3b1a8f38c2d93a6c3176207cb
b1bc0b181617d553a69d6c20ada9495d7a8efe04ca9f098c965ec0758ba7a114
b20ce379151b1c1a67e47606231c8e4759ee83f10df06aa58cccb99627cbebd5
b4b37801b95c0da035a6222a14b883cee80b755b9566ba73f773181ab11e6733
b73598b06d5b907f913068d2fcf34161aa1a9ce9ffb6681a912f106c53f94413
b902de98789f621b2a85e196609dccbc69b3ba95d62449f84e10678afa936a71
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
cc45ca4ae13e6ad389e97d0e27c166830d4670ba81a3e5240caa8df9e24ae102
d870a2be4ceb379e084ef102f1b57e01d5026bdaa6549fcd9d5000cc2f975d0c
e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2
e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835
eba4de8674d27afe48ad105aa0fa15414dac7f5b198187e2e5c3a36fc9fbff4c
eda9e9de8160614499326480a28c0697dd04021d3c4ac63fe5736f0dc9b12761
ef83cb697d53e094cd0240d15be9e29e81557c8d4c9c212f1c2acc4cc2ca1ac8
f733ec258245b619fe5ea835141e8bee2e0b09e9e5de27fab7823fa97d71e4bb
fb035c043b6c05a56ca036429a63536a32c81e25892eb96a6d7279b4fd7057ce
fe2ee45b2e865d648dd94b3cb200d24cf31846741102d9384277daf326232f9b

www.bancastato.ch Open in urlscan Pro 217.26.33.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

96 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

3815 kBTransfer

5537 kBSize

6 Cookies

4 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bancastato.ch Open in urlscan Pro
217.26.33.87 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

3815 kB
Transfer

5537 kB
Size

6
Cookies

55 HTTP transactions
0 data transactions