Submitted URL: http://cp72.webserver.pt/~calcetei/css26
Effective URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_...
Submission: On November 27 via automatic, source phishtank — Scanned from PT

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 156 HTTP transactions. The main IP is 194.209.96.18, located in Adligenswil, Switzerland and belongs to SWISSCOM Swisscom (Schweiz) AG, CH. The main domain is id.css.ch.
TLS certificate: Issued by SwissSign RSA TLS OV ICA 2022 - 1 on December 6th 2023. Valid for: a year.
This is the only time id.css.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 94.46.168.20 24768 (ALMOUROLT...)
119 20.250.75.149 8075 (MICROSOFT...)
2 35.71.155.136 16509 (AMAZON-02)
1 2.16.164.89 20940 (AKAMAI-AS...)
1 13.107.246.45 8075 (MICROSOFT...)
1 184.28.89.29 16625 (AKAMAI-AS)
1 31 194.209.96.18 3303 (SWISSCOM ...)
1 51.107.48.68 8075 (MICROSOFT...)
156 8
Apex Domain
Subdomains
Transfer
150 css.ch
my.css.ch
id.css.ch
3 MB
3 webserver.pt
cp72.webserver.pt
896 B
2 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 597
switzerlandnorth-0.in.applicationinsights.azure.com — Cisco Umbrella Rank: 551362
904 B
2 flagsmith.com
edge.api.flagsmith.com — Cisco Umbrella Rank: 39408
528 B
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 458
81 KB
1 scene7.com
cssversicherung.scene7.com
458 B
156 6
Domain Requested by
119 my.css.ch my.css.ch
31 id.css.ch 1 redirects my.css.ch
id.css.ch
3 cp72.webserver.pt 3 redirects
2 edge.api.flagsmith.com my.css.ch
1 switzerlandnorth-0.in.applicationinsights.azure.com my.css.ch
1 assets.adobedtm.com my.css.ch
1 js.monitor.azure.com my.css.ch
1 cssversicherung.scene7.com my.css.ch
156 8

This site contains links to these domains. Also see Links.

Domain
my.css.ch
www.css.ch
Subject Issuer Validity Valid
my.css.ch
SwissSign RSA TLS OV ICA 2022 - 1
2024-01-09 -
2025-01-09
a year crt.sh
edge.api.flagsmith.com
Amazon RSA 2048 M02
2024-09-23 -
2025-10-23
a year crt.sh
*.scene7.com
DigiCert TLS RSA SHA256 2020 CA1
2024-10-09 -
2025-10-11
a year crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04
2024-11-19 -
2025-05-18
6 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-09 -
2025-08-09
a year crt.sh
id.css.ch
SwissSign RSA TLS OV ICA 2022 - 1
2023-12-06 -
2024-12-06
a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 07
2024-09-16 -
2025-09-11
a year crt.sh

This page contains 1 frames:

Primary Page: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en
Frame ID: 67BDB5F01736F7B39A0A6B918F3D815F
Requests: 154 HTTP requests in this frame

Screenshot

Page Title

myCSS Login

Page URL History Show full URLs

  1. http://cp72.webserver.pt/~calcetei/css26 HTTP 307
    https://cp72.webserver.pt/~calcetei/css26 HTTP 301
    http://cp72.webserver.pt/~calcetei/css26 HTTP 307
    http://cp72.webserver.pt/~calcetei/css26 HTTP 301
    http://cp72.webserver.pt/~calcetei/css26/ HTTP 302
    https://my.css.ch/ Page URL
  2. https://id.css.ch/auth/oauth2/v3/css/authorize?client_id=css-login-portal&redirect_uri=https%3... HTTP 302
    https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-lo... Page URL

Page Statistics

156
Requests

99 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

8
IPs

4
Countries

3017 kB
Transfer

5091 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cp72.webserver.pt/~calcetei/css26 HTTP 307
    https://cp72.webserver.pt/~calcetei/css26 HTTP 301
    http://cp72.webserver.pt/~calcetei/css26 HTTP 307
    http://cp72.webserver.pt/~calcetei/css26 HTTP 301
    http://cp72.webserver.pt/~calcetei/css26/ HTTP 302
    https://my.css.ch/ Page URL
  2. https://id.css.ch/auth/oauth2/v3/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en HTTP 302
    https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cp72.webserver.pt/~calcetei/css26 HTTP 307
  • https://cp72.webserver.pt/~calcetei/css26 HTTP 301
  • http://cp72.webserver.pt/~calcetei/css26 HTTP 307
  • http://cp72.webserver.pt/~calcetei/css26 HTTP 301
  • http://cp72.webserver.pt/~calcetei/css26/ HTTP 302
  • https://my.css.ch/

156 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
my.css.ch/
Redirect Chain
  • http://cp72.webserver.pt/~calcetei/css26
  • https://cp72.webserver.pt/~calcetei/css26
  • http://cp72.webserver.pt/~calcetei/css26
  • http://cp72.webserver.pt/~calcetei/css26
  • http://cp72.webserver.pt/~calcetei/css26/
  • https://my.css.ch/
12 KB
5 KB
Document
General
Full URL
https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
02eb87c9f81b7d4c286eca21144b4ded28ed5969c986b8eaea965258bd7f1ff1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
content-type
text/html
date
Wed, 27 Nov 2024 00:25:25 GMT
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
expires
0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
pragma
no-cache
referrer-policy
origin
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
strict-transport-security
max-age=16070400
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Nov 2024 00:25:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45
location
https://my.css.ch
MuseoSans300-webfont.woff2
my.css.ch/assets/fonts/
17 KB
19 KB
Font
General
Full URL
https://my.css.ch/assets/fonts/MuseoSans300-webfont.woff2
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
184d53ce0e02a39cd434b8dd66e2da3dd45c00bbc386ed2f3eaf4c2527c084ac
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
font/woff2
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length
17260
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
MuseoSans500-webfont.woff2
my.css.ch/assets/fonts/
17 KB
19 KB
Font
General
Full URL
https://my.css.ch/assets/fonts/MuseoSans500-webfont.woff2
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26d51505332c23d6cbda9334670d7311bbb034572931905ecd97e7783a15c3db
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
font/woff2
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length
17620
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
MuseoSans300-Italic-webfont.woff2
my.css.ch/assets/fonts/
17 KB
19 KB
Font
General
Full URL
https://my.css.ch/assets/fonts/MuseoSans300-Italic-webfont.woff2
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
88ca2a80f09237547350197e2027844849b74bbc085cb7abf4122ed169affafb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
font/woff2
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length
17716
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
MuseoSans500-Italic-webfont.woff2
my.css.ch/assets/fonts/
18 KB
20 KB
Font
General
Full URL
https://my.css.ch/assets/fonts/MuseoSans500-Italic-webfont.woff2
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
226a231ce1028a60148cd1da305104b25ff215d590f90d9845f60e7dfd8ab1da
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
font/woff2
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length
18104
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4ARWIX5Z.js
my.css.ch/
6 KB
4 KB
Script
General
Full URL
https://my.css.ch/chunk-4ARWIX5Z.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ecd6409452281dfbc8c465a0984db678312887e9ce7cbdf19267a332694f291f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-YQWXRW47.js
my.css.ch/
6 KB
4 KB
Script
General
Full URL
https://my.css.ch/chunk-YQWXRW47.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2a2c21a9c513cf35dd3137a79cafe60eaf553a8d7dcd7c76977082d0c99aaaf5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-VVVWRCDH.js
my.css.ch/
24 KB
8 KB
Script
General
Full URL
https://my.css.ch/chunk-VVVWRCDH.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a4a19a58b5c8b94d49d0e973ef664b7ef29c2b58fad43857e5c9e67c8ee2aefe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-IQHBMHY7.js
my.css.ch/
149 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-IQHBMHY7.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7c18f72cc8a0431809070d56a0715c342c4f34e0ebc85b0cd199c099c15c6152
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4GQGPVU3.js
my.css.ch/
121 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-4GQGPVU3.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04f0c7c056949295c858975ab5eec3a13a4d5d375af0afae93457589594cfbab
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-KKBEJ5DU.js
my.css.ch/
501 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-KKBEJ5DU.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65e2989e197a88941aa0c3bdb1246c2acf99b98ae2cdb76071ed27cce85fc968
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-S7LTQWUX.js
my.css.ch/
91 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-S7LTQWUX.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba9fd88006022114ac4f05afc33865c5f3f304391439a2ecb7e8a0fb6cff4c5a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NTM7U6YL.js
my.css.ch/
41 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-NTM7U6YL.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15f46f190b711c9e5c7a421970982bd139b905018a6076eaabce77a442fba41c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NZ4OTCQP.js
my.css.ch/
504 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-NZ4OTCQP.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5c9220b1b0e378b04fdd5f9ddc041693758b87e80cc3695b64c0f58ea55575e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-KVDCI5JM.js
my.css.ch/
9 KB
5 KB
Script
General
Full URL
https://my.css.ch/chunk-KVDCI5JM.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a099ba07eea51c402659cb6f4479a65aec7b895b2a6dd20b32f5c31d65079a5b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
polyfills-SGAWYHLJ.js
my.css.ch/
34 KB
15 KB
Script
General
Full URL
https://my.css.ch/polyfills-SGAWYHLJ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
16ccca0f9ed23a07eb7340d4cfbe70957f2a336894a4c01add83e6b5de200cdd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
scripts-XQ2ZVQBZ.js
my.css.ch/
452 KB
128 KB
Script
General
Full URL
https://my.css.ch/scripts-XQ2ZVQBZ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90bbc7bfa7153c47da70a524c83aeeae78cf804215b177c2e042d63a664e193d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
main-6KD3Z2ID.js
my.css.ch/
346 KB
95 KB
Script
General
Full URL
https://my.css.ch/main-6KD3Z2ID.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ae4c5265fd687ed54f558516f5e83602054a7474bf7851966edc57e1502c7c50
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
styles-RKNOBQGE.css
my.css.ch/
52 KB
13 KB
Stylesheet
General
Full URL
https://my.css.ch/styles-RKNOBQGE.css
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73e86f6f90ec4a36ad62f753aed1b5e8f8de79184938098eff4ea04cc98025ee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:25 GMT
content-type
text/css
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-W7VR6V7V.js
my.css.ch/
70 KB
21 KB
Script
General
Full URL
https://my.css.ch/chunk-W7VR6V7V.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30a630c483eae420e4d3bbd21fdc1579a1bcad0624de236777b273e67ff20f8b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-I52NK7NG.js
my.css.ch/
145 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-I52NK7NG.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fae9b03cff0ca9eea3e9d7fe04649b2c7b088f9195c2b72487d1225185d37fdc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-CTUHRXUV.js
my.css.ch/
1 KB
2 KB
Script
General
Full URL
https://my.css.ch/chunk-CTUHRXUV.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b64970267810d0bd8fe52285c2191ee909d682722552e86a98534dfb131ad227
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-QCFOCIPY.js
my.css.ch/
72 KB
6 KB
Script
General
Full URL
https://my.css.ch/chunk-QCFOCIPY.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b50b7529acbbf44a95c522f4557a1fb6d1892a2c6a1abf359429e7c464b07622
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-BLR6LS4O.js
my.css.ch/
493 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-BLR6LS4O.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a8be0523404cbcaf71c04790f69a0baaeea2dd9c7469f96c9ef17b39f46c5c60
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-OAEBO4PE.js
my.css.ch/
353 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-OAEBO4PE.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
03e4683e8b0d2273b0cfdd4bc3f4a5785a361e38cc76a587aa80eeef281d3fb3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-YKW63D5W.js
my.css.ch/
21 KB
10 KB
Script
General
Full URL
https://my.css.ch/chunk-YKW63D5W.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
120fc2e15235136f8e5fbfc2f8d3f64f94c0edbe7d2b23603331c8f01a38d28e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-CRLD5MJV.js
my.css.ch/
1 KB
2 KB
Script
General
Full URL
https://my.css.ch/chunk-CRLD5MJV.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6707dba3d03dce6acab4c24d9936c29bd7a66eec5d167e046f72484765f05d84
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-QLDMCMIK.js
my.css.ch/
861 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-QLDMCMIK.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
596ad8bc9a806faad5825acb891b9ff357c66810f900c0e8bd4cee194bbc3d0f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-64K3RYKW.js
my.css.ch/
602 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-64K3RYKW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ab95639584f1091ae6c6c6851a089bdda8819b15b5034fd6694c7c7963f9abe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-OZVHOBPE.js
my.css.ch/
954 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-OZVHOBPE.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9159de487ab6a6238781d36e9e14cddd2bf21d43b23be179b6f9cb87e23f177f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-3RXYCTDW.js
my.css.ch/
6 KB
4 KB
Script
General
Full URL
https://my.css.ch/chunk-3RXYCTDW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0d3cbf4ca475a33584cf06b59b234726b2658e1c1736437fed112b46e45c44f5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-6PKCYHTE.js
my.css.ch/
1 KB
2 KB
Script
General
Full URL
https://my.css.ch/chunk-6PKCYHTE.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
49c8b4b45af47d8e199556948e79641947a10f9427a09c5199f59fcffcb6f0be
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-TSVWGLJ4.js
my.css.ch/
179 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-TSVWGLJ4.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
192053163d2559ec9db2f99d7d68208bfc684687b02c925b4113a45aa07599cd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-U5JEMM7S.js
my.css.ch/
28 KB
5 KB
Script
General
Full URL
https://my.css.ch/chunk-U5JEMM7S.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b4b1a6ed0ae3688621b153cac18b902a6af0976b9f4c0fb82556568aac764bc1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-JISEI6SB.js
my.css.ch/
994 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-JISEI6SB.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a0101cdf81dc566e14000b05e67ef1b124c57467352d231ab01f3a14f9417e24
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-GLVHU4QY.js
my.css.ch/
26 KB
11 KB
Script
General
Full URL
https://my.css.ch/chunk-GLVHU4QY.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
edf78b5a40890dbff3e6af07705667b8ce1cf353377c3ed30757e152a8151f0d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4GKTQ6HA.js
my.css.ch/
1011 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-4GKTQ6HA.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
86b15edf16eae17b184b375cd0173e6883ac2bc694feca067c68e2fe1d16958c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-EIQQOU3S.js
my.css.ch/
990 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-EIQQOU3S.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc777188e991ec0032ffff0271f046466df50735fc49079ab89d30ec351ab3a0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-SD376XD4.js
my.css.ch/
35 KB
5 KB
Script
General
Full URL
https://my.css.ch/chunk-SD376XD4.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d76e59cf794cce3e6dd634e26a034fd01dd85e54398c70a8310a95cf2ec2b247
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-OVTZK6KT.js
my.css.ch/
412 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-OVTZK6KT.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15aefa9d35bdbc3bc176cd0a3fc78847c5b172684c696c2d26491dc509ffd4a2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-ZXTI6KKN.js
my.css.ch/
1 KB
2 KB
Script
General
Full URL
https://my.css.ch/chunk-ZXTI6KKN.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f16296f340f00b661b7ece9c447eb9f315e18afedca089db0a5d01d40ed057fc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-COII3JDB.js
my.css.ch/
2 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-COII3JDB.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef7762ad5af36c7164896980ac9ebdd03dd9027242a65f61d4f528a950ad51ed
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-2TLECSMN.js
my.css.ch/
8 KB
4 KB
Script
General
Full URL
https://my.css.ch/chunk-2TLECSMN.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e337357e4a13c9d8a4f1c9cf0800ff0ab1a9d532d77f5db4e1d707c577a17036
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-Q2LOI5CN.js
my.css.ch/
728 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-Q2LOI5CN.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
658f9e7ff459ff1334853698d0c83a414f24658c0bb0547f96643498c4cc446c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-LVJZ344F.js
my.css.ch/
127 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-LVJZ344F.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c52b89d5f77adf9f5a5d23f7546b30dcbbd848f9cce14865a5ea893014d6a85e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-CUHNVPPS.js
my.css.ch/
643 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-CUHNVPPS.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52b34979bb3dc5101f45cf51c4d6fa7f05b4c4b112659ca6543c60762a8216c0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-AI7VI6L5.js
my.css.ch/
3 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-AI7VI6L5.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2ee10ef69cd2e564fde62a67ccd43d9c3f69871a2f87a4635072c23988753d44
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-BXA5MRET.js
my.css.ch/
777 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-BXA5MRET.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
477c3f1aa2e923828899ef043c895b22d6a2f40468b67d495dd6beefa0922a3e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4HFHAF5V.js
my.css.ch/
34 KB
12 KB
Script
General
Full URL
https://my.css.ch/chunk-4HFHAF5V.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1cad55157377dfe4465cfb186dae64f5c2ea57294099bb79dc82ce5608539aed
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-JP7TBBYZ.js
my.css.ch/
2 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-JP7TBBYZ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9f22ce2798191bb953717a281c2c4662d094c3f1c64b05282b8b6cf6433c702a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-6LEF4GKR.js
my.css.ch/
531 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-6LEF4GKR.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
01aaddd4b288320b53db40d3164c5480bb95dc79aefc044e04ccdc7642829b82
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NHG6PEP2.js
my.css.ch/
5 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-NHG6PEP2.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
db92b29df9a4f78d43079b278cfbd86a4ee939e45bcf65d26e96f05c0b469068
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-RZP2ETOY.js
my.css.ch/
776 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-RZP2ETOY.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
39bca63503f5685c78302e3ae402b5dcc59e43122e08ec21b27fc17dc541f076
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-BRENWR2E.js
my.css.ch/
713 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-BRENWR2E.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4bda1893baf4f8d872443365ba800e3ad76ce0d5db9a4097ca6882d36d6f7fc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-IQXCJPLY.js
my.css.ch/
15 KB
8 KB
Script
General
Full URL
https://my.css.ch/chunk-IQXCJPLY.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a720f0e8d387a2b538c8fc94195fc0c890dd13eb6b9763983741ace8684f956
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-JRHEJTXH.js
my.css.ch/
117 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-JRHEJTXH.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d1dc8c6cd7a9dd3060126d771950b6ebf0b64d66440405280323092a2ca0a402
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-HUFTVPAT.js
my.css.ch/
1 KB
2 KB
Script
General
Full URL
https://my.css.ch/chunk-HUFTVPAT.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd0de6a1b462a05bd3da6108feacf9b639896e598520398c21d560148a83e3e0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-U4X24DLW.js
my.css.ch/
5 KB
4 KB
Script
General
Full URL
https://my.css.ch/chunk-U4X24DLW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b116b0b4883d08413d076acfa4fb93bbdeaf73cd11511be51cd0360ac53ac80e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-U7BY4XBX.js
my.css.ch/
34 KB
9 KB
Script
General
Full URL
https://my.css.ch/chunk-U7BY4XBX.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a41fa14faa482a23d766a387a160a9faaa79e83e6ff164c81434218efdc8a646
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-24FMA7MB.js
my.css.ch/
3 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-24FMA7MB.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
22fe330bd0c2045ccbf424452198a5292fbdd1aba106e3a9c86378db98b24d53
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-ZOOWKWOH.js
my.css.ch/
13 KB
5 KB
Script
General
Full URL
https://my.css.ch/chunk-ZOOWKWOH.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4846dc3abe15d62304819679e01ea8e0fa31e67288722a2b3475082a0821e540
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-3RF5PJD2.js
my.css.ch/
44 KB
12 KB
Script
General
Full URL
https://my.css.ch/chunk-3RF5PJD2.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
156f06beffac3131a39b4f283110d476c16f547c5c27c58a76380be035f1bffe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-ZYKMZ5X5.js
my.css.ch/
2 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-ZYKMZ5X5.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e63a31f92aa355a1415b1dcfc2eb3832fb5d25e6709b8803c1c10c6f3baebe1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NKBNEWB3.js
my.css.ch/
744 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-NKBNEWB3.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f6cb5ddf3d745ffb88ceb74df564f510f0240ed58f880c98eaada6406715fdd1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-DXJIJEUW.js
my.css.ch/
6 KB
4 KB
Script
General
Full URL
https://my.css.ch/chunk-DXJIJEUW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ce3756dee50960f2b54b9949768325a0dc6cf9b29e238634b6f937574282e4cd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4YB3NVBR.js
my.css.ch/
4 KB
4 KB
Script
General
Full URL
https://my.css.ch/chunk-4YB3NVBR.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
becd4ded165ff751851f409fe46011fae549020f295d38a3b582acdc89e2a206
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-BQEBXENE.js
my.css.ch/
23 KB
9 KB
Script
General
Full URL
https://my.css.ch/chunk-BQEBXENE.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
672b310a82961c6aef20231705ca74434f98e10cd7980bb2186ee4898ef22819
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-63BXKTKC.js
my.css.ch/
1 KB
2 KB
Script
General
Full URL
https://my.css.ch/chunk-63BXKTKC.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f8c47a416c251a0ed7433a71ca35ae6a4363112ea83b1357926bc2cd2b83836
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-BVVFSIYL.js
my.css.ch/
27 KB
8 KB
Script
General
Full URL
https://my.css.ch/chunk-BVVFSIYL.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
88e6984ac98ccee9aa588f10eda8d43ed8801d7fa8c08f23c77bcbe806218190
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-XF7VR5NC.js
my.css.ch/
601 KB
183 KB
Script
General
Full URL
https://my.css.ch/chunk-XF7VR5NC.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9b89798eefeff44bcb74c6df5efb56d1a580bde871bd8249706b3077423ee0c5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-MB6XZO76.js
my.css.ch/
2 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-MB6XZO76.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6130073baa89ab9bcf24d2704e0c42a9e9f60b04c002f9a427119ae747ad715f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-7WQIYYQG.js
my.css.ch/
170 KB
60 KB
Script
General
Full URL
https://my.css.ch/chunk-7WQIYYQG.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7e482f3ed2e9bc65caf3afe5ab8bbdd5e9a9fec172666e2f907f08d147c5fb06
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-FFARCJQA.js
my.css.ch/
10 KB
5 KB
Script
General
Full URL
https://my.css.ch/chunk-FFARCJQA.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6cffdcb0572cd690f6aba8298d5e4dd424023e2221d154e9b8db488c31e26dda
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-X5ZKPL67.js
my.css.ch/
946 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-X5ZKPL67.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7c574997362eed2381b9f865be5929d3f9148d43d0793ac7ced4919b85c3571f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-TROVIAST.js
my.css.ch/
7 KB
5 KB
Script
General
Full URL
https://my.css.ch/chunk-TROVIAST.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2be8c210b4b838e9c3c2edfc79862ff073cba4de5f7d264e4de8a37b99d6bfed
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-SVC3R7OE.js
my.css.ch/
933 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-SVC3R7OE.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6267eec84b2efe1ffb342c6a20d953793a9842e405347fd7a599088d047ac42
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-5QCNFQA2.js
my.css.ch/
3 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-5QCNFQA2.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f232709d4c0a7c80f98545926cb85764b471649f9d5a8f71a4a05d5e84be9c11
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-GOYWMCPZ.js
my.css.ch/
6 KB
4 KB
Script
General
Full URL
https://my.css.ch/chunk-GOYWMCPZ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd1d878a8c74cdeb0d8362239d40873d24691d94f37b454cf1d24d56b80a476e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-2C4NEYVL.js
my.css.ch/
1022 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-2C4NEYVL.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73a51959b97b95d9ca1d037b0df0ae474e0a4180721ea16c6e5f07984ba7dcc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-D62NWLS6.js
my.css.ch/
541 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-D62NWLS6.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eff1e249de193e593201e73e4958d0594251a14940529bdb81419dfda23adb63
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-4N22GXPW.js
my.css.ch/
99 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-4N22GXPW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8fc58a8e281eb5e7c778968a5dcffde546dfca1235da92cd7447ae43864bd911
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-GOKFTEF7.js
my.css.ch/
876 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-GOKFTEF7.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ecc40560fe1a9379b028cbff83fd74dae7fde982c8bf65332dab9cd996c5281
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-56CP5X7T.js
my.css.ch/
183 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-56CP5X7T.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d67f636a417e99fabe27fbd3510ccf652124bdee4bde1b95550b5a1948ab8656
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-3V3OXDEW.js
my.css.ch/
37 KB
16 KB
Script
General
Full URL
https://my.css.ch/chunk-3V3OXDEW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0bb2c7b59d53e56ac6032df764c5d6487bc00338346c7077202fff4759e7f50c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-AQNLQFPK.js
my.css.ch/
1 KB
2 KB
Script
General
Full URL
https://my.css.ch/chunk-AQNLQFPK.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6b3fef1e01af6453f7f9ab1e433e34520a2dcb06798e24b6e9881319c3c42f88
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-7I65L3DD.js
my.css.ch/
268 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-7I65L3DD.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b35d3f81ee048cc98f2e005fb16052ac49a0bc0f9e41d03f680b91aa4131769e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NBQQZFXX.js
my.css.ch/
195 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-NBQQZFXX.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2e74daf40163bd7bbf26e1b300b1f54b86bff72c8548d30ed15e0b2d451e2219
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-RMWCIN6Y.js
my.css.ch/
9 KB
5 KB
Script
General
Full URL
https://my.css.ch/chunk-RMWCIN6Y.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5877236ed7ea15230f0938211a9932cc1f162174dcd062a8a51c5380c9bf2159
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-OQ4NSU3H.js
my.css.ch/
2 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-OQ4NSU3H.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e40bf4d94b62a21afd36d81778aec9a4c82e7e7644a2096a233b943dbc904b6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
config.json
my.css.ch/env/
2 KB
3 KB
Fetch
General
Full URL
https://my.css.ch/env/config.json
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8f34a992a8736e14af2d7934116f99c4dee509040aafd44961bd3197c48feb5c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
application/json
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
favicon.ico
my.css.ch/assets/images/
4 KB
6 KB
Other
General
Full URL
https://my.css.ch/assets/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
content-length
4286
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
/
edge.api.flagsmith.com/api/v1/flags/
0
0
Preflight
General
Full URL
https://edge.api.flagsmith.com/api/v1/flags/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.155.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a73d3afe8ff45acb7.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-environment-key
Access-Control-Request-Method
GET
Origin
https://my.css.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT
access-control-allow-origin
*
access-control-expose-headers
x-flagsmith-document-updated-at
access-control-max-age
86400
allow
GET, HEAD, OPTIONS
content-length
0
content-type
application/json
date
Wed, 27 Nov 2024 00:25:26 GMT
server
awselb/2.0
maintenance
cssversicherung.scene7.com/is/content/csskrankenversicherung/
995 B
458 B
Fetch
General
Full URL
https://cssversicherung.scene7.com/is/content/csskrankenversicherung/maintenance?nocache=1732667126550
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-164-89.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
9364f0149d08c8ed0c02ca2aa7ca3421ff64e6213523572d3b4aedc54e95af47

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Referer
https://my.css.ch/

Response headers

content-encoding
gzip
expires
Fri, 29 Nov 2024 00:25:26 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
259
date
Wed, 27 Nov 2024 00:25:26 GMT
akamai-grn
0.0da41002.1732667126.7b5eaac
content-type
text/css
last-modified
Thu, 07 Nov 2024 11:02:08 GMT
server
Unknown
x-akamai-cache
Miss
vary
Accept-Encoding
/
edge.api.flagsmith.com/api/v1/flags/
365 B
528 B
Fetch
General
Full URL
https://edge.api.flagsmith.com/api/v1/flags/
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.155.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a73d3afe8ff45acb7.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash
bdaf09e3859577eee6f7d2b1910874289ed3e6894d60990c1c822361caca10d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
x-environment-key
n4HwLXVeFZP6cuVh8bD3H7
Referer
https://my.css.ch/

Response headers

aws-lambda-region
eu-west-2
cache-control
max-age=0
access-control-expose-headers
x-flagsmith-document-updated-at
content-encoding
gzip
access-control-allow-credentials
true
x-flagsmith-document-updated-at
1731333524.615109
access-control-allow-methods
GET, POST, PUT
aws-resource-region
eu-west-2
access-control-allow-origin
*
content-length
183
date
Wed, 27 Nov 2024 00:25:26 GMT
content-type
application/json
server
awselb/2.0
access-control-allow-headers
*
ai.config.1.cfg.json
js.monitor.azure.com/scripts/b/
1 KB
904 B
Fetch
General
Full URL
https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

x-azure-ref
20241127T002527Z-17cb9b4dc7bk2ztrhC1LISa82n0000000axg000000004rew
cache-control
public, max-age=1800, immutable, no-transform
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
5b00fe10-001e-0095-56fd-36c82f000000
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.config.1.0.0.cfg.json
access-control-allow-origin
*
x-cache
TCP_HIT
x-ms-meta-aijssdkver
1.0.0
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Tue, 02 Apr 2024 18:24:43 GMT
chunk-CYQC3HPW.js
my.css.ch/
911 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-CYQC3HPW.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-6KD3Z2ID.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eed9b7322dbd260bfcbc77c5d59608ee574cfb899571e8c767aabf5b60e85cdb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-5NNGL742.js
my.css.ch/
1 KB
2 KB
Script
General
Full URL
https://my.css.ch/chunk-5NNGL742.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/chunk-4GKTQ6HA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9daa4015cdaec2387671c536ac2cee3900bb8fc3a6e521df630b935b9bc44597
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
launch-a50a3ff59732.min.js
assets.adobedtm.com/091b5d609578/5e31050b4550/
297 KB
81 KB
Script
General
Full URL
https://assets.adobedtm.com/091b5d609578/5e31050b4550/launch-a50a3ff59732.min.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-6KD3Z2ID.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-29.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0dd60776bd46b3f2cc5ac8fd8c83687a585dc9ab01827ba66e77d5e173e02ecc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://my.css.ch/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"680a2aa56e5d4ce2daabfa20af3a8905:1728894872.435769"
x-content-type-options
nosniff
expires
Wed, 27 Nov 2024 01:25:27 GMT
accept-ranges
bytes
access-control-allow-origin
https://my.css.ch
content-length
82193
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
application/x-javascript
last-modified
Mon, 14 Oct 2024 08:34:32 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
chunk-D3BOR742.js
my.css.ch/
1 KB
2 KB
Script
General
Full URL
https://my.css.ch/chunk-D3BOR742.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-6KD3Z2ID.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef579426bc061fd2a183514d27fb9bbf3b469b96a0ca5a96bc1cbc1a9238555c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-IN3IU3PJ.js
my.css.ch/
3 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-IN3IU3PJ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-6KD3Z2ID.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7691c760a58fe672e9848ad70e7280a74e8d959732af304fd8410bc6e1819d0d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
en.json
my.css.ch/assets/translations/
225 KB
38 KB
XHR
General
Full URL
https://my.css.ch/assets/translations/en.json
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
14e007173cb0966c63437335d00a02c39fef65991733dccc505d66536aa3fe0d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

Request-Id
|899c57a7634941d4a23ff65f44b9ac87.4600e2ad646e437b
traceparent
00-899c57a7634941d4a23ff65f44b9ac87-4600e2ad646e437b-01
Referer
https://my.css.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
application/json
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-Z256B5IQ.js
my.css.ch/
37 KB
11 KB
Script
General
Full URL
https://my.css.ch/chunk-Z256B5IQ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-6KD3Z2ID.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
579482017c51566ac55254e502dd35542da98781b9c284ae888377e371552d02
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-HY4Z65LO.js
my.css.ch/
2 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-HY4Z65LO.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-6KD3Z2ID.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4da8ba784468aafc9253e469bfc65bcb24b563a4955eece94323f705a6027d5e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-YO5ZPNQE.js
my.css.ch/
314 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-YO5ZPNQE.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-6KD3Z2ID.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7c3152dc5b90a96056e64dfbd04f3bfb026a40d62d607ae8d3ff6954b9a1c811
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-IQQ7XISM.js
my.css.ch/
31 KB
10 KB
Script
General
Full URL
https://my.css.ch/chunk-IQQ7XISM.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
df0241839df1a480bda17a608399f8a4ce5b6394967a7ae514a5fcc7388256aa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-HFRTHZT6.js
my.css.ch/
5 KB
4 KB
Script
General
Full URL
https://my.css.ch/chunk-HFRTHZT6.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
38be32fd575e764690d6ea7e23b06e22349201dbc2d95ff6bace736230dba640
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-NLFSK2PQ.js
my.css.ch/
3 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-NLFSK2PQ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4fd0bec4e0f6c7dd4269f62b0f98111c532e95a0a93e168cf78365cc2fcebe43
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-Q4D2HPXV.js
my.css.ch/
4 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-Q4D2HPXV.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f55ff0c4c11941820ccddf4e58824aa067b8227375b68ab0bbb13f7b1fd194c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-F5AT6TUI.js
my.css.ch/
13 KB
6 KB
Script
General
Full URL
https://my.css.ch/chunk-F5AT6TUI.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4c75a6ba3bf09a1496d474c6e0687453be21570e66645b52694f06e7d75749e2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-AF2V3D37.js
my.css.ch/
4 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-AF2V3D37.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
667fa7212de4bbca0326f43adbce08dd34eaf31979c5af9a06c5527239107f14
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-N6WRDLTV.js
my.css.ch/
1 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-N6WRDLTV.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7e8992f0761844921c28e126ead419080788b51d9eacc8c3d353b4f1aafd3fd5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-WRUPHAUD.js
my.css.ch/
53 KB
6 KB
Script
General
Full URL
https://my.css.ch/chunk-WRUPHAUD.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ab6df629aa05df86c2bfdd26120601d742c2a26466454fb18f3b7b27f2a44c6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-H2S2W3UO.js
my.css.ch/
4 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-H2S2W3UO.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e790a2ddb0781ad52be7a8d0ff91b24d97f5facad998f8d5f6244268bd5542ac
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-D766N365.js
my.css.ch/
3 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-D766N365.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09671013d88a881550428c47cce5d42b4e9b526d87c7d760b5897a6b9925ff88
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-YU5YRPII.js
my.css.ch/
4 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-YU5YRPII.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1f8ea35ba1863550a9252298dc47366db13e6fcfebf28b2814c1fe6654d7c2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-PCCK6ELR.js
my.css.ch/
112 KB
36 KB
Script
General
Full URL
https://my.css.ch/chunk-PCCK6ELR.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4200efceb1a8d855aa7d9c81c8322cc6be13bbf5a8598ea50c57c38b892d293
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-GG3OBIQB.js
my.css.ch/
3 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-GG3OBIQB.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7a8f8d826ba1e489dd07946be4a1dd6becab5935c7f963f6b7e99497fec3a1a0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-26WFATPC.js
my.css.ch/
543 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-26WFATPC.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4bcabf8193d8aba6d39a50fc9097abc1ee8ec127fb9033624075fd4b17f6aee9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-UVU52ZCZ.js
my.css.ch/
7 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-UVU52ZCZ.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8b6e2407411200d45fd9a8db9b81a6068ac8f8224e63ec57265d5e4228d2564d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-6LYP4M57.js
my.css.ch/
11 KB
4 KB
Script
General
Full URL
https://my.css.ch/chunk-6LYP4M57.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
57573ae3d35b0cdbdf6f4a0c8d25e976cdb8fbe1553652ef769a66a5c7aa82e0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-6BULVL5B.js
my.css.ch/
2 KB
3 KB
Script
General
Full URL
https://my.css.ch/chunk-6BULVL5B.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1175ab636b4aff3fefb573203f3697cb9682ba6bff6ef1f269c4e7061756cb8d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-SKBXELAE.js
my.css.ch/
19 KB
7 KB
Script
General
Full URL
https://my.css.ch/chunk-SKBXELAE.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d22e9bc960b76ab7cff17e065376a4d5f31fda44a027c43222cafaf6b9741f8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-VEXC3JUN.js
my.css.ch/
404 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-VEXC3JUN.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-6KD3Z2ID.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26941ac1cce9e48241667eb3cfbe7a921ce046b7ecb5475bdb80cfebe3b052ed
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
chunk-45VV7TQN.js
my.css.ch/
952 B
2 KB
Script
General
Full URL
https://my.css.ch/chunk-45VV7TQN.js
Requested by
Host: my.css.ch
URL: https://my.css.ch/main-6KD3Z2ID.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.250.75.149 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ece06f0c16a254f73ebcb97bff06c8f122c50c4bd73040435c09f68588c732d7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://my.css.ch
Referer
https://my.css.ch/

Response headers

content-encoding
br
etag
"49674197"
expect-ct
max-age=21600, enforce, report-uri=https://cssversicherung.report-uri.com/r/d/ct/enforce
report-to
report-to: {group:default,max_age:31536000,endpoints:[{url:https://cssversicherung.report-uri.com/a/d/g}],include_subdomains:true}
x-content-type-options
nosniff
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
text/javascript
last-modified
Tue, 19 Nov 2024 12:34:05 GMT
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'self' https://maps.googleapis.com; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
cache-control
public, must-revalidate, max-age=30
x-dns-prefetch-control
off
nel
{report_to:default,max_age:31536000,include_subdomains:true, failure_fraction: 0.5}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://css-production-messaging-webchat.patty-awseuc1.swops.cloud
x-xss-protection
1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce
self-openid-configuration
id.css.ch/auth/rest/oauth2/authorization-servers/css/.well-known/
1 KB
3 KB
Fetch
General
Full URL
https://id.css.ch/auth/rest/oauth2/authorization-servers/css/.well-known/self-openid-configuration
Requested by
Host: my.css.ch
URL: https://my.css.ch/polyfills-SGAWYHLJ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
173d9fe05b29be9682dedd8034025e256b7fe31a83741fbd25ee3307f22c6a9b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/jwk-set+json, application/json
Referer
https://my.css.ch/

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:27 GMT
content-type
application/json;charset=UTF-8
vary
Origin,Accept-Encoding,User-Agent
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true, true
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://my.css.ch
content-length
1381
x-xss-protection
1; mode=block
server
Apache
track
switzerlandnorth-0.in.applicationinsights.azure.com/v2/
0
0
Preflight
General
Full URL
https://switzerlandnorth-0.in.applicationinsights.azure.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.48.68 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://my.css.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Wed, 27 Nov 2024 00:25:27 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
Primary Request authorize
id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/
Redirect Chain
  • https://id.css.ch/auth/oauth2/v3/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd2...
  • https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+...
3 KB
4 KB
Document
General
Full URL
https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en
Requested by
Host: my.css.ch
URL: https://my.css.ch/chunk-W7VR6V7V.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
44c786aff03fbb4bb02e3c369c87b91e858cd653029e9ef8f13f176f61efcb8d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; object-src 'none'; script-src 'nonce-n_yP8B1gycKjg0D5LY1RSR7EymbJ4OiD2_ZX1mPXh5c' 'strict-dynamic' 'self' *.cookiebot.com; img-src 'self' data:; connect-src 'self' *.css.ch *.cookiebot.com *.applicationinsights.azure.com; base-uri 'self'; frame-src 'self' *.cookiebot.com; frame-ancestors 'self' *.css.ch *.azurestaticapps.net *.azurewebsites.net *.cookiebot.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce; report-to csp-endpoint;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.css.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
cache-control
no-store, no-cache, must-revalidate
content-length
3194
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; object-src 'none'; script-src 'nonce-n_yP8B1gycKjg0D5LY1RSR7EymbJ4OiD2_ZX1mPXh5c' 'strict-dynamic' 'self' *.cookiebot.com; img-src 'self' data:; connect-src 'self' *.css.ch *.cookiebot.com *.applicationinsights.azure.com; base-uri 'self'; frame-src 'self' *.cookiebot.com; frame-ancestors 'self' *.css.ch *.azurestaticapps.net *.azurewebsites.net *.cookiebot.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce; report-to csp-endpoint;
content-type
text/html;charset=UTF-8
date
Wed, 27 Nov 2024 00:25:28 GMT
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
expires
0
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
referrer-policy
origin
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
server
Apache
strict-transport-security
max-age=16070400
vary
Origin,Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
cache-control
no-store, no-cache, must-revalidate
content-length
0
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; object-src 'none'; script-src 'nonce-cq7aqR0UYnNysAXqQMfC2DDYBH9FOsxZxJXKaJa9Zkg' 'strict-dynamic' 'self' *.cookiebot.com; img-src 'self' data:; connect-src 'self' *.css.ch *.cookiebot.com *.applicationinsights.azure.com; base-uri 'self'; frame-src 'self' *.cookiebot.com; frame-ancestors 'self' *.css.ch *.azurestaticapps.net *.azurewebsites.net *.cookiebot.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce; report-to csp-endpoint;
content-type
text/plain;charset=utf-8
date
Wed, 27 Nov 2024 00:25:28 GMT
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
expires
0
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
last-modified
Wed, 27 Nov 2024 00:25:28 GMT
location
/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
referrer-policy
origin
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
server
Apache
strict-transport-security
max-age=16070400
vary
Origin,Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
track
switzerlandnorth-0.in.applicationinsights.azure.com/v2/
0
0

styles.08707b8b70dd5836.css
id.css.ch/auth/ui/
62 KB
62 KB
Stylesheet
General
Full URL
https://id.css.ch/auth/ui/styles.08707b8b70dd5836.css
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
46b5e5251724cd6aad0a7dc21529b2a774318d07e4093c3aa275cc5d8fb03577
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"63539-1732003092000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 19 Nov 2024 07:58:12 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/css;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
63539
x-xss-protection
1; mode=block
server
Apache
iam.e8131b50722b3d67.js
id.css.ch/auth/ui/assets/airlock/js/
7 KB
7 KB
Script
General
Full URL
https://id.css.ch/auth/ui/assets/airlock/js/iam.e8131b50722b3d67.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
73d2de38c926993924a4df0afd4ec669364162bc69b0d02601096fddf4447340
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"6704-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
6704
x-xss-protection
1; mode=block
server
Apache
iam-custom.a7c469be340deef0.js
id.css.ch/auth/ui/assets/custom/js/
361 KB
361 KB
Script
General
Full URL
https://id.css.ch/auth/ui/assets/custom/js/iam-custom.a7c469be340deef0.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
41d73614db922a23bcdc7ef4dd1ee3c6985ff963ef994fe2905be26528a3034f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"369676-1732003100000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 19 Nov 2024 07:58:20 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
369676
x-xss-protection
1; mode=block
server
Apache
runtime.a5fcb72dd38bddab.js
id.css.ch/auth/ui/
7 KB
7 KB
Script
General
Full URL
https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
dcde0aa43386104265e30aa734a2f7afc188bae7b872beaac115ba1f4a3fd3a4
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"6930-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
6930
x-xss-protection
1; mode=block
server
Apache
polyfills.44be6b6d8b1d9b4f.js
id.css.ch/auth/ui/
33 KB
33 KB
Script
General
Full URL
https://id.css.ch/auth/ui/polyfills.44be6b6d8b1d9b4f.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
25f0664272677a3f1de14a2800edecf83935da3a625e1441a4a7982bc947888a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"34163-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
34163
x-xss-protection
1; mode=block
server
Apache
scripts.36c7649c8b23686e.js
id.css.ch/auth/ui/
144 KB
144 KB
Script
General
Full URL
https://id.css.ch/auth/ui/scripts.36c7649c8b23686e.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
18e190ecef8f0abab753ce7d080a9226db06ccd7ef307e7b23e3d1311aecabcc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"147746-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
147746
x-xss-protection
1; mode=block
server
Apache
main.574d81c245f99009.js
id.css.ch/auth/ui/
972 KB
973 KB
Script
General
Full URL
https://id.css.ch/auth/ui/main.574d81c245f99009.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/app/auth/oauth2/authorization-servers/css/authorize?client_id=css-login-portal&redirect_uri=https%3A%2F%2Fmy.css.ch%2Flogin-redirect&response_type=code&scope=openid+email+offline_access&state=fd8b618cd27f42f69acada1bbc882cbb&code_challenge=yxs21HXRKf-kshrJEjTbHYu65zJ779jZVxk_u1bRkDM&code_challenge_method=S256&response_mode=query&acr_values=mycss-login&lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
467dfd94d2f3fc07b180873e78455d838d0a66763625bafee9c14a34968bdbdb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"995391-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
995391
x-xss-protection
1; mode=block
server
Apache
languages
id.css.ch/auth/rest/public/ui/
209 B
269 B
XHR
General
Full URL
https://id.css.ch/auth/rest/public/ui/languages
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.a7c469be340deef0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
dc6916a6516ba000f60211389dda63b024975ddc65fd3cf57f87c5cc380d2a26
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://id.css.ch/
Pragma
no-cache
X-Same-Domain
1
Request-Id
|324443ccd33f4249b0ea5ef66f11b33d.1634dd429c484175
traceparent
00-324443ccd33f4249b0ea5ef66f11b33d-1634dd429c484175-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
expires
0
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Wed, 27 Nov 2024 00:25:28 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
application/vnd.api+json
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
no-store, no-cache, must-revalidate
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length
209
x-xss-protection
1; mode=block
server
Apache
common.a96369b7e9b73fc0.js
id.css.ch/auth/ui/
54 KB
54 KB
Script
General
Full URL
https://id.css.ch/auth/ui/common.a96369b7e9b73fc0.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
28068ef87eebe9c924f5f8e6250a2c59138b2577e36882d8dda00396e64cec67
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"55555-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
55555
x-xss-protection
1; mode=block
server
Apache
4297.98b7be890ea6e9d4.js
id.css.ch/auth/ui/
18 KB
19 KB
Script
General
Full URL
https://id.css.ch/auth/ui/4297.98b7be890ea6e9d4.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
dc1979adbb5fcb8d71ad0a0808168555de5132eba802f5f0bf1b0bb3fbbde626
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"18902-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
18902
x-xss-protection
1; mode=block
server
Apache
en.json
id.css.ch/auth/ui/assets/airlock/i18n/
62 KB
62 KB
XHR
General
Full URL
https://id.css.ch/auth/ui/assets/airlock/i18n/en.json
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.a7c469be340deef0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
79925309ee0cdcf51dff7b33da7f189e614a96da503d6fb0840f328214fdbf5f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Request-Id
|324443ccd33f4249b0ea5ef66f11b33d.e83439fbfaf240d5
traceparent
00-324443ccd33f4249b0ea5ef66f11b33d-e83439fbfaf240d5-01
Referer
https://id.css.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

etag
1552510927
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 19 Nov 2024 12:22:49 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
application/json;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=0
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length
63033
x-xss-protection
1; mode=block
server
Apache
8552.ed3caa7d7b2b6014.js
id.css.ch/auth/ui/
2 KB
2 KB
Script
General
Full URL
https://id.css.ch/auth/ui/8552.ed3caa7d7b2b6014.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
54d5a65ad73975ba4f32c410f6448a25ef4d35c801cc9ece1e856ff2569ca71e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"1724-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
1724
x-xss-protection
1; mode=block
server
Apache
6424.7bfbcdde6d729f35.js
id.css.ch/auth/ui/
3 KB
3 KB
Script
General
Full URL
https://id.css.ch/auth/ui/6424.7bfbcdde6d729f35.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
24bbac3376a3aaed9d1ee9c421ad5a4f736adfe1467e9afe1dfdeb04fc35c71e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"2996-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:28 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
2996
x-xss-protection
1; mode=block
server
Apache
flow
id.css.ch/auth/rest/public/authentication/
0
82 B
XHR
General
Full URL
https://id.css.ch/auth/rest/public/authentication/flow
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.a7c469be340deef0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://id.css.ch/
Accept-Language
en
Pragma
no-cache
X-Same-Domain
1
Request-Id
|324443ccd33f4249b0ea5ef66f11b33d.2d0d0c9292b14e1c
traceparent
00-324443ccd33f4249b0ea5ef66f11b33d-2d0d0c9292b14e1c-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
expires
0
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Wed, 27 Nov 2024 00:25:29 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
no-store, no-cache, must-revalidate
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://id.css.ch
x-xss-protection
1; mode=block
server
Apache
MuseoSans300-webfont.6c49dff08d4f9398.woff2
id.css.ch/auth/ui/
17 KB
17 KB
Font
General
Full URL
https://id.css.ch/auth/ui/MuseoSans300-webfont.6c49dff08d4f9398.woff2
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/styles.08707b8b70dd5836.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
184d53ce0e02a39cd434b8dd66e2da3dd45c00bbc386ed2f3eaf4c2527c084ac
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"17260-1732003092000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Tue, 19 Nov 2024 07:58:12 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
font/woff2
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
17260
x-xss-protection
1; mode=block
server
Apache
favicon.ico
id.css.ch/auth/ui/assets/custom/img/
4 KB
4 KB
Other
General
Full URL
https://id.css.ch/auth/ui/assets/custom/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"4286-1732003094000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Tue, 19 Nov 2024 07:58:14 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
image/x-icon
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
4286
x-xss-protection
1; mode=block
server
Apache
authorize
id.css.ch/auth/rest/public/authentication/oauth2/authorization-servers/css/
191 B
269 B
XHR
General
Full URL
https://id.css.ch/auth/rest/public/authentication/oauth2/authorization-servers/css/authorize
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.a7c469be340deef0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
f669894a906b64e054b13fdb58c5ed54c61daf76ad62ecad50567586646dfc52
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://id.css.ch/
Accept-Language
en
Pragma
no-cache
X-Same-Domain
1
Request-Id
|324443ccd33f4249b0ea5ef66f11b33d.e8bc21e201e243f7
traceparent
00-324443ccd33f4249b0ea5ef66f11b33d-e8bc21e201e243f7-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
expires
0
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Wed, 27 Nov 2024 00:25:29 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
application/vnd.api+json
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
no-store, no-cache, must-revalidate
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
www-authenticate
None
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
access-control-allow-origin
https://id.css.ch
content-length
191
x-xss-protection
1; mode=block
server
Apache
configuration
id.css.ch/auth/rest/public/authentication/ui/
322 B
363 B
XHR
General
Full URL
https://id.css.ch/auth/rest/public/authentication/ui/configuration
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.a7c469be340deef0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
9cbc818b07cd89e75df1e760498ae03e82d16223a3613e55dacee70a4dafa5b6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://id.css.ch/
Accept-Language
en
Pragma
no-cache
X-Same-Domain
1
Request-Id
|324443ccd33f4249b0ea5ef66f11b33d.b0959f860e9448ee
traceparent
00-324443ccd33f4249b0ea5ef66f11b33d-b0959f860e9448ee-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
expires
0
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Wed, 27 Nov 2024 00:25:29 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
application/vnd.api+json
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
no-store, no-cache, must-revalidate
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length
322
x-xss-protection
1; mode=block
server
Apache
3640.cc8aca638b28bfb0.js
id.css.ch/auth/ui/
11 KB
11 KB
Script
General
Full URL
https://id.css.ch/auth/ui/3640.cc8aca638b28bfb0.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
4e7bdec884dcc94de26fe95a6e32c0f5fd78a1c8f7aab28e10e9d7196affad29
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"11585-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
11585
x-xss-protection
1; mode=block
server
Apache
9756.5e6bd003b8bd1682.js
id.css.ch/auth/ui/
32 KB
32 KB
Script
General
Full URL
https://id.css.ch/auth/ui/9756.5e6bd003b8bd1682.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
9b0e3b7118d9987303555e13b466c6ef4c9980792c3f1dd11a01d93263da9cd0
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"32785-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
32785
x-xss-protection
1; mode=block
server
Apache
6326.eaa140bfff4e957e.js
id.css.ch/auth/ui/
12 KB
12 KB
Script
General
Full URL
https://id.css.ch/auth/ui/6326.eaa140bfff4e957e.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
6dfb24e850f09de9e9d7575d093c1a11145a97b6fb251b0fc92352b876849910
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"12384-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
12384
x-xss-protection
1; mode=block
server
Apache
2076.d660fa4a4ed85bd6.js
id.css.ch/auth/ui/
29 KB
29 KB
Script
General
Full URL
https://id.css.ch/auth/ui/2076.d660fa4a4ed85bd6.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
5180491ba74eee59c3454fc581cfbd1149c61bfb58adc812f15d3d27cdfe4a77
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"29533-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
29533
x-xss-protection
1; mode=block
server
Apache
1492.a68e584579b8c2e7.js
id.css.ch/auth/ui/
2 KB
2 KB
Script
General
Full URL
https://id.css.ch/auth/ui/1492.a68e584579b8c2e7.js
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/runtime.a5fcb72dd38bddab.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
e59a6120cf307a7a6132078aeca04fe018d071237d30d39054872a049b9a12d1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"1735-1718688826000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Tue, 18 Jun 2024 05:33:46 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
text/javascript;charset=UTF-8
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
public, max-age=31536000
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
1735
x-xss-protection
1; mode=block
server
Apache
configuration
id.css.ch/auth/rest/public/authentication/ui/
322 B
363 B
XHR
General
Full URL
https://id.css.ch/auth/rest/public/authentication/ui/configuration
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.a7c469be340deef0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
1bbbb1cd0e1f35a648ac75fa89b7612aea5d8484c927ac8ba9bfb498beba6412
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://id.css.ch/
Accept-Language
en
Pragma
no-cache
X-Continue-Flow
true
X-Same-Domain
1
Request-Id
|324443ccd33f4249b0ea5ef66f11b33d.c2e052a5e1ec4e36
traceparent
00-324443ccd33f4249b0ea5ef66f11b33d-c2e052a5e1ec4e36-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
If-Modified-Since
0
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
expires
0
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Wed, 27 Nov 2024 00:25:29 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
application/vnd.api+json
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
cache-control
no-store, no-cache, must-revalidate
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
content-length
322
x-xss-protection
1; mode=block
server
Apache
MuseoSans500-webfont.619169faeb3efa73.woff2
id.css.ch/auth/ui/
17 KB
17 KB
Font
General
Full URL
https://id.css.ch/auth/ui/MuseoSans500-webfont.619169faeb3efa73.woff2
Requested by
Host: id.css.ch
URL: https://id.css.ch/auth/ui/styles.08707b8b70dd5836.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
26d51505332c23d6cbda9334670d7311bbb034572931905ecd97e7783a15c3db
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://id.css.ch
Referer
https://id.css.ch/

Response headers

etag
W/"17620-1732003092000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Tue, 19 Nov 2024 07:58:12 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
font/woff2
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
access-control-allow-origin
https://id.css.ch
content-length
17620
x-xss-protection
1; mode=block
server
Apache
CSS_cyan_rgb.svg
id.css.ch/auth/ui/assets/custom/img/css-logo/
1 KB
1 KB
Image
General
Full URL
https://id.css.ch/auth/ui/assets/custom/img/css-logo/CSS_cyan_rgb.svg?c7a0e847f4fbd338b313
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
0cdb9ee0a9861e2c652dc044669c20fc744b65bf5dc0db0508dbd86df9bd5470
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"1282-1732003094000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Tue, 19 Nov 2024 07:58:14 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
image/svg+xml
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
1282
x-xss-protection
1; mode=block
server
Apache
CSS_125_siegel_dfi.svg
id.css.ch/auth/ui/assets/custom/img/css-logo/
4 KB
4 KB
Image
General
Full URL
https://id.css.ch/auth/ui/assets/custom/img/css-logo/CSS_125_siegel_dfi.svg?c7a0e847f4fbd338b313
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
eb3dbfba8a4717a00537b58c42f7055a9ddfc38ba6e89d1829ca5caed793fc51
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"4346-1732003094000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Tue, 19 Nov 2024 07:58:14 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
image/svg+xml
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=16070400
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
4346
x-xss-protection
1; mode=block
server
Apache
favicon.ico
id.css.ch/auth/ui/assets/custom/img/
4 KB
0
Other
General
Full URL
https://id.css.ch/auth/ui/assets/custom/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.209.96.18 Adligenswil, Switzerland, ASN3303 (SWISSCOM Swisscom (Schweiz) AG, CH),
Reverse DNS
id.css.ch
Software
Apache /
Resource Hash
443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.css.ch/

Response headers

etag
W/"4286-1732003094000"
expect-ct
max-age=21600, enforce, report-uri="https://cssversicherung.report-uri.com/r/d/ct/enforce"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/a/d/g"}],"include_subdomains":true}, {"group":"csp-endpoint","max-age":31536000,"endpoints":[{"url":"https://cssversicherung.report-uri.com/r/d/csp/enforce"}],"include_subdomains":true}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, POST, PUT, DELETE
date
Wed, 27 Nov 2024 00:25:29 GMT
last-modified
Tue, 19 Nov 2024 07:58:14 GMT
vary
Origin,Accept-Encoding,User-Agent
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
content-type
image/x-icon
access-control-allow-headers
Content-Type, Accept, Authorization, X-Request-Source, sessionId
x-frame-options
SAMEORIGIN
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true, "failure_fraction": 0.05}
access-control-allow-credentials
true
referrer-policy
origin
permissions-policy
fullscreen=(self), geolocation=(self), sync-xhr=(self), accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges
bytes
content-length
4286
x-xss-protection
1; mode=block
server
Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
switzerlandnorth-0.in.applicationinsights.azure.com
URL
https://switzerlandnorth-0.in.applicationinsights.azure.com/v2/track

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| iam object| __tsUtils$gblCfg object| __dynProto$Gbl object| webpackChunkapp function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched boolean| __zone_symbol__ononscrollsnapchangepatched boolean| __zone_symbol__ononscrollsnapchangingpatched function| __zone_symbol__queueMicrotask object| Arrive number| uidEvent object| __zone_symbol__loadfalse object| __zone_symbol__resizefalse object| bootstrap object| Mustache function| _ object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse function| arrive function| unbindArrive function| leave function| unbindLeave function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

7 Cookies

Domain/Path Name / Value
cp72.webserver.pt/ Name: PHPSESSID
Value: a7jgtlqtumbmts7uvsgcijs1j6
my.css.ch/ Name: ai_user
Value: lICKG6WohUpiDL+OW1BihU|2024-11-27T00:25:26.957Z
my.css.ch/ Name: ai_session
Value: eYgmUwTwazRtN8m9RwX0fV|1732667127187|1732667127187
.css.ch/ Name: CSS_SESS-S
Value: AV!OSONVIfkmkdcOGMS2Yzhm_23v2ZLcsG0uV0yrRuyGtRdoluK_WLEdo_KLvSv2bxp1
.css.ch/ Name: CSS_LB-S
Value: $xc/MCka3g7JWH4eD92De6HBGq54Voyw3qAQ8bJJplzkmmrn!_bH
id.css.ch/ Name: ai_user
Value: YiDI85LEJYILx9exWdh/7w|2024-11-27T00:25:28.623Z
id.css.ch/ Name: ai_session
Value: YriZR5WZbqH5s6JyDUnsw7|1732667128635|1732667128635

15 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, sync-xhr, usb. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: autoplay, camera, encrypted-media, fullscreen, geolocation, microphone, midi, payment. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security error URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.a7c469be340deef0.js(Line 1)
Message:
Refused to connect to 'https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json' because it violates the following Content Security Policy directive: "connect-src 'self' *.css.ch *.cookiebot.com *.applicationinsights.azure.com".
javascript error URL: https://id.css.ch/auth/ui/assets/custom/js/iam-custom.a7c469be340deef0.js(Line 1)
Message:
Refused to connect to 'https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json' because it violates the document's Content Security Policy.
network error URL: https://id.css.ch/auth/rest/public/authentication/oauth2/authorization-servers/css/authorize
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' fonts.googleapis.com unpkg.com; img-src 'self' data: blob: *.css.ch maps.gstatic.com maps.googleapis.com cssversicherung.scene7.com mapsresources-pa.googleapis.com; font-src 'self' data: fonts.gstatic.com; media-src 'self' data: blob: cssversicherung.scene7.com; script-src 'self' 'unsafe-inline' assets.adobedtm.com; script-src-elem 'self' blob: assets.adobedtm.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com; connect-src 'self' *.css.ch maps.googleapis.com consentcdn.cookiebot.com *.applicationinsights.azure.com cssversicherung.scene7.com assets.adobedtm.com edge.api.flagsmith.com js.monitor.azure.com; frame-src 'self' *.css.ch css-production-messaging-webchat.patty-awseuc1.swops.cloud consentcdn.cookiebot.com; object-src 'none';upgrade-insecure-requests;block-all-mixed-content;report-uri https://cssversicherung.report-uri.com/r/d/csp/enforce;report-to default;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://cssversicherung.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cp72.webserver.pt
cssversicherung.scene7.com
edge.api.flagsmith.com
id.css.ch
js.monitor.azure.com
my.css.ch
switzerlandnorth-0.in.applicationinsights.azure.com
switzerlandnorth-0.in.applicationinsights.azure.com
13.107.246.45
184.28.89.29
194.209.96.18
2.16.164.89
20.250.75.149
35.71.155.136
51.107.48.68
94.46.168.20
01aaddd4b288320b53db40d3164c5480bb95dc79aefc044e04ccdc7642829b82
02eb87c9f81b7d4c286eca21144b4ded28ed5969c986b8eaea965258bd7f1ff1
03e4683e8b0d2273b0cfdd4bc3f4a5785a361e38cc76a587aa80eeef281d3fb3
04f0c7c056949295c858975ab5eec3a13a4d5d375af0afae93457589594cfbab
09671013d88a881550428c47cce5d42b4e9b526d87c7d760b5897a6b9925ff88
0bb2c7b59d53e56ac6032df764c5d6487bc00338346c7077202fff4759e7f50c
0cdb9ee0a9861e2c652dc044669c20fc744b65bf5dc0db0508dbd86df9bd5470
0d3cbf4ca475a33584cf06b59b234726b2658e1c1736437fed112b46e45c44f5
0dd60776bd46b3f2cc5ac8fd8c83687a585dc9ab01827ba66e77d5e173e02ecc
1175ab636b4aff3fefb573203f3697cb9682ba6bff6ef1f269c4e7061756cb8d
120fc2e15235136f8e5fbfc2f8d3f64f94c0edbe7d2b23603331c8f01a38d28e
14e007173cb0966c63437335d00a02c39fef65991733dccc505d66536aa3fe0d
156f06beffac3131a39b4f283110d476c16f547c5c27c58a76380be035f1bffe
15aefa9d35bdbc3bc176cd0a3fc78847c5b172684c696c2d26491dc509ffd4a2
15f46f190b711c9e5c7a421970982bd139b905018a6076eaabce77a442fba41c
16ccca0f9ed23a07eb7340d4cfbe70957f2a336894a4c01add83e6b5de200cdd
173d9fe05b29be9682dedd8034025e256b7fe31a83741fbd25ee3307f22c6a9b
184d53ce0e02a39cd434b8dd66e2da3dd45c00bbc386ed2f3eaf4c2527c084ac
18e190ecef8f0abab753ce7d080a9226db06ccd7ef307e7b23e3d1311aecabcc
192053163d2559ec9db2f99d7d68208bfc684687b02c925b4113a45aa07599cd
1bbbb1cd0e1f35a648ac75fa89b7612aea5d8484c927ac8ba9bfb498beba6412
1cad55157377dfe4465cfb186dae64f5c2ea57294099bb79dc82ce5608539aed
1ecc40560fe1a9379b028cbff83fd74dae7fde982c8bf65332dab9cd996c5281
1f8ea35ba1863550a9252298dc47366db13e6fcfebf28b2814c1fe6654d7c2d4
226a231ce1028a60148cd1da305104b25ff215d590f90d9845f60e7dfd8ab1da
22fe330bd0c2045ccbf424452198a5292fbdd1aba106e3a9c86378db98b24d53
24bbac3376a3aaed9d1ee9c421ad5a4f736adfe1467e9afe1dfdeb04fc35c71e
25f0664272677a3f1de14a2800edecf83935da3a625e1441a4a7982bc947888a
26941ac1cce9e48241667eb3cfbe7a921ce046b7ecb5475bdb80cfebe3b052ed
26d51505332c23d6cbda9334670d7311bbb034572931905ecd97e7783a15c3db
28068ef87eebe9c924f5f8e6250a2c59138b2577e36882d8dda00396e64cec67
2a2c21a9c513cf35dd3137a79cafe60eaf553a8d7dcd7c76977082d0c99aaaf5
2be8c210b4b838e9c3c2edfc79862ff073cba4de5f7d264e4de8a37b99d6bfed
2e74daf40163bd7bbf26e1b300b1f54b86bff72c8548d30ed15e0b2d451e2219
2ee10ef69cd2e564fde62a67ccd43d9c3f69871a2f87a4635072c23988753d44
30a630c483eae420e4d3bbd21fdc1579a1bcad0624de236777b273e67ff20f8b
38be32fd575e764690d6ea7e23b06e22349201dbc2d95ff6bace736230dba640
39bca63503f5685c78302e3ae402b5dcc59e43122e08ec21b27fc17dc541f076
41d73614db922a23bcdc7ef4dd1ee3c6985ff963ef994fe2905be26528a3034f
443f5da46f138d77ca2716502e5fb652a9f55c763256cfd970113e0c2b2adf74
44c786aff03fbb4bb02e3c369c87b91e858cd653029e9ef8f13f176f61efcb8d
467dfd94d2f3fc07b180873e78455d838d0a66763625bafee9c14a34968bdbdb
46b5e5251724cd6aad0a7dc21529b2a774318d07e4093c3aa275cc5d8fb03577
477c3f1aa2e923828899ef043c895b22d6a2f40468b67d495dd6beefa0922a3e
4846dc3abe15d62304819679e01ea8e0fa31e67288722a2b3475082a0821e540
49c8b4b45af47d8e199556948e79641947a10f9427a09c5199f59fcffcb6f0be
4bcabf8193d8aba6d39a50fc9097abc1ee8ec127fb9033624075fd4b17f6aee9
4c75a6ba3bf09a1496d474c6e0687453be21570e66645b52694f06e7d75749e2
4da8ba784468aafc9253e469bfc65bcb24b563a4955eece94323f705a6027d5e
4e40bf4d94b62a21afd36d81778aec9a4c82e7e7644a2096a233b943dbc904b6
4e7bdec884dcc94de26fe95a6e32c0f5fd78a1c8f7aab28e10e9d7196affad29
4fd0bec4e0f6c7dd4269f62b0f98111c532e95a0a93e168cf78365cc2fcebe43
5180491ba74eee59c3454fc581cfbd1149c61bfb58adc812f15d3d27cdfe4a77
52b34979bb3dc5101f45cf51c4d6fa7f05b4c4b112659ca6543c60762a8216c0
54d5a65ad73975ba4f32c410f6448a25ef4d35c801cc9ece1e856ff2569ca71e
57573ae3d35b0cdbdf6f4a0c8d25e976cdb8fbe1553652ef769a66a5c7aa82e0
579482017c51566ac55254e502dd35542da98781b9c284ae888377e371552d02
5877236ed7ea15230f0938211a9932cc1f162174dcd062a8a51c5380c9bf2159
596ad8bc9a806faad5825acb891b9ff357c66810f900c0e8bd4cee194bbc3d0f
6130073baa89ab9bcf24d2704e0c42a9e9f60b04c002f9a427119ae747ad715f
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f
658f9e7ff459ff1334853698d0c83a414f24658c0bb0547f96643498c4cc446c
65e2989e197a88941aa0c3bdb1246c2acf99b98ae2cdb76071ed27cce85fc968
667fa7212de4bbca0326f43adbce08dd34eaf31979c5af9a06c5527239107f14
6707dba3d03dce6acab4c24d9936c29bd7a66eec5d167e046f72484765f05d84
672b310a82961c6aef20231705ca74434f98e10cd7980bb2186ee4898ef22819
6b3fef1e01af6453f7f9ab1e433e34520a2dcb06798e24b6e9881319c3c42f88
6cffdcb0572cd690f6aba8298d5e4dd424023e2221d154e9b8db488c31e26dda
6dfb24e850f09de9e9d7575d093c1a11145a97b6fb251b0fc92352b876849910
73a51959b97b95d9ca1d037b0df0ae474e0a4180721ea16c6e5f07984ba7dcc7
73d2de38c926993924a4df0afd4ec669364162bc69b0d02601096fddf4447340
73e86f6f90ec4a36ad62f753aed1b5e8f8de79184938098eff4ea04cc98025ee
7691c760a58fe672e9848ad70e7280a74e8d959732af304fd8410bc6e1819d0d
79925309ee0cdcf51dff7b33da7f189e614a96da503d6fb0840f328214fdbf5f
7a8f8d826ba1e489dd07946be4a1dd6becab5935c7f963f6b7e99497fec3a1a0
7c18f72cc8a0431809070d56a0715c342c4f34e0ebc85b0cd199c099c15c6152
7c3152dc5b90a96056e64dfbd04f3bfb026a40d62d607ae8d3ff6954b9a1c811
7c574997362eed2381b9f865be5929d3f9148d43d0793ac7ced4919b85c3571f
7e482f3ed2e9bc65caf3afe5ab8bbdd5e9a9fec172666e2f907f08d147c5fb06
7e8992f0761844921c28e126ead419080788b51d9eacc8c3d353b4f1aafd3fd5
7f55ff0c4c11941820ccddf4e58824aa067b8227375b68ab0bbb13f7b1fd194c
7f8c47a416c251a0ed7433a71ca35ae6a4363112ea83b1357926bc2cd2b83836
86b15edf16eae17b184b375cd0173e6883ac2bc694feca067c68e2fe1d16958c
88ca2a80f09237547350197e2027844849b74bbc085cb7abf4122ed169affafb
88e6984ac98ccee9aa588f10eda8d43ed8801d7fa8c08f23c77bcbe806218190
8ab6df629aa05df86c2bfdd26120601d742c2a26466454fb18f3b7b27f2a44c6
8ab95639584f1091ae6c6c6851a089bdda8819b15b5034fd6694c7c7963f9abe
8b6e2407411200d45fd9a8db9b81a6068ac8f8224e63ec57265d5e4228d2564d
8f34a992a8736e14af2d7934116f99c4dee509040aafd44961bd3197c48feb5c
8fc58a8e281eb5e7c778968a5dcffde546dfca1235da92cd7447ae43864bd911
90bbc7bfa7153c47da70a524c83aeeae78cf804215b177c2e042d63a664e193d
9159de487ab6a6238781d36e9e14cddd2bf21d43b23be179b6f9cb87e23f177f
9364f0149d08c8ed0c02ca2aa7ca3421ff64e6213523572d3b4aedc54e95af47
9a720f0e8d387a2b538c8fc94195fc0c890dd13eb6b9763983741ace8684f956
9b0e3b7118d9987303555e13b466c6ef4c9980792c3f1dd11a01d93263da9cd0
9b89798eefeff44bcb74c6df5efb56d1a580bde871bd8249706b3077423ee0c5
9cbc818b07cd89e75df1e760498ae03e82d16223a3613e55dacee70a4dafa5b6
9d22e9bc960b76ab7cff17e065376a4d5f31fda44a027c43222cafaf6b9741f8
9daa4015cdaec2387671c536ac2cee3900bb8fc3a6e521df630b935b9bc44597
9e63a31f92aa355a1415b1dcfc2eb3832fb5d25e6709b8803c1c10c6f3baebe1
9f22ce2798191bb953717a281c2c4662d094c3f1c64b05282b8b6cf6433c702a
a0101cdf81dc566e14000b05e67ef1b124c57467352d231ab01f3a14f9417e24
a099ba07eea51c402659cb6f4479a65aec7b895b2a6dd20b32f5c31d65079a5b
a41fa14faa482a23d766a387a160a9faaa79e83e6ff164c81434218efdc8a646
a4a19a58b5c8b94d49d0e973ef664b7ef29c2b58fad43857e5c9e67c8ee2aefe
a8be0523404cbcaf71c04790f69a0baaeea2dd9c7469f96c9ef17b39f46c5c60
ae4c5265fd687ed54f558516f5e83602054a7474bf7851966edc57e1502c7c50
b116b0b4883d08413d076acfa4fb93bbdeaf73cd11511be51cd0360ac53ac80e
b35d3f81ee048cc98f2e005fb16052ac49a0bc0f9e41d03f680b91aa4131769e
b4b1a6ed0ae3688621b153cac18b902a6af0976b9f4c0fb82556568aac764bc1
b50b7529acbbf44a95c522f4557a1fb6d1892a2c6a1abf359429e7c464b07622
b5c9220b1b0e378b04fdd5f9ddc041693758b87e80cc3695b64c0f58ea55575e
b6267eec84b2efe1ffb342c6a20d953793a9842e405347fd7a599088d047ac42
b64970267810d0bd8fe52285c2191ee909d682722552e86a98534dfb131ad227
ba9fd88006022114ac4f05afc33865c5f3f304391439a2ecb7e8a0fb6cff4c5a
bdaf09e3859577eee6f7d2b1910874289ed3e6894d60990c1c822361caca10d1
becd4ded165ff751851f409fe46011fae549020f295d38a3b582acdc89e2a206
c52b89d5f77adf9f5a5d23f7546b30dcbbd848f9cce14865a5ea893014d6a85e
ce3756dee50960f2b54b9949768325a0dc6cf9b29e238634b6f937574282e4cd
d1dc8c6cd7a9dd3060126d771950b6ebf0b64d66440405280323092a2ca0a402
d67f636a417e99fabe27fbd3510ccf652124bdee4bde1b95550b5a1948ab8656
d76e59cf794cce3e6dd634e26a034fd01dd85e54398c70a8310a95cf2ec2b247
db92b29df9a4f78d43079b278cfbd86a4ee939e45bcf65d26e96f05c0b469068
dc1979adbb5fcb8d71ad0a0808168555de5132eba802f5f0bf1b0bb3fbbde626
dc6916a6516ba000f60211389dda63b024975ddc65fd3cf57f87c5cc380d2a26
dc777188e991ec0032ffff0271f046466df50735fc49079ab89d30ec351ab3a0
dcde0aa43386104265e30aa734a2f7afc188bae7b872beaac115ba1f4a3fd3a4
dd0de6a1b462a05bd3da6108feacf9b639896e598520398c21d560148a83e3e0
dd1d878a8c74cdeb0d8362239d40873d24691d94f37b454cf1d24d56b80a476e
df0241839df1a480bda17a608399f8a4ce5b6394967a7ae514a5fcc7388256aa
e337357e4a13c9d8a4f1c9cf0800ff0ab1a9d532d77f5db4e1d707c577a17036
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bda1893baf4f8d872443365ba800e3ad76ce0d5db9a4097ca6882d36d6f7fc
e59a6120cf307a7a6132078aeca04fe018d071237d30d39054872a049b9a12d1
e790a2ddb0781ad52be7a8d0ff91b24d97f5facad998f8d5f6244268bd5542ac
eb3dbfba8a4717a00537b58c42f7055a9ddfc38ba6e89d1829ca5caed793fc51
ecd6409452281dfbc8c465a0984db678312887e9ce7cbdf19267a332694f291f
ece06f0c16a254f73ebcb97bff06c8f122c50c4bd73040435c09f68588c732d7
edf78b5a40890dbff3e6af07705667b8ce1cf353377c3ed30757e152a8151f0d
eed9b7322dbd260bfcbc77c5d59608ee574cfb899571e8c767aabf5b60e85cdb
ef579426bc061fd2a183514d27fb9bbf3b469b96a0ca5a96bc1cbc1a9238555c
ef7762ad5af36c7164896980ac9ebdd03dd9027242a65f61d4f528a950ad51ed
eff1e249de193e593201e73e4958d0594251a14940529bdb81419dfda23adb63
f16296f340f00b661b7ece9c447eb9f315e18afedca089db0a5d01d40ed057fc
f232709d4c0a7c80f98545926cb85764b471649f9d5a8f71a4a05d5e84be9c11
f4200efceb1a8d855aa7d9c81c8322cc6be13bbf5a8598ea50c57c38b892d293
f669894a906b64e054b13fdb58c5ed54c61daf76ad62ecad50567586646dfc52
f6cb5ddf3d745ffb88ceb74df564f510f0240ed58f880c98eaada6406715fdd1
fae9b03cff0ca9eea3e9d7fe04649b2c7b088f9195c2b72487d1225185d37fdc