urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.com Open in urlscan Pro
2603:1027:1:158::2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://contacts-test.raiffeisen.ch/
Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&redirect_uri=https%3...
Submission: On August 07 via automatic, source certstream-suspicious — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 54 HTTP transactions. The main IP is 2603:1027:1:158::2, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 15.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 21st 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 51.107.58.162 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
9 20.208.5.32 8075 (MICROSOFT...)
4 51.107.48.68 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.239.251.228 8075 (MICROSOFT...)
2 2603:1026:300... 8075 (MICROSOFT...)
1 1 2603:1026:300... 8075 (MICROSOFT...)
1 2603:1027:1:1... 8075 (MICROSOFT...)
10 2606:2800:233... 15133 (EDGECAST)
1 20.190.159.75 8075 (MICROSOFT...)
54 10
22    51.107.58.162 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
contacts-test.raiffeisen.ch
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    20.208.5.32 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
contacts-api-test.raiffeisen.ch
4    51.107.48.68 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
switzerlandnorth-0.in.applicationinsights.azure.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.239.251.228 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
raiffeisenstoragedev.blob.core.windows.net
2    2603:1026:3000:d0:: (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
contactifybiztest.b2clogin.com
1    2603:1026:3000:d0::6 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
contactifybiztest.b2clogin.com
1    2603:1027:1:158::2 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
10    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
1    20.190.159.75 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
Domain Requested by
22 contacts-test.raiffeisen.ch contacts-test.raiffeisen.ch
10 aadcdn.msftauth.net login.microsoftonline.com
aadcdn.msftauth.net
9 contacts-api-test.raiffeisen.ch contacts-test.raiffeisen.ch
4 switzerlandnorth-0.in.applicationinsights.azure.com contacts-test.raiffeisen.ch
3 contactifybiztest.b2clogin.com 1 redirects contacts-test.raiffeisen.ch
2 fonts.gstatic.com
2 fonts.googleapis.com contacts-test.raiffeisen.ch
1 login.live.com login.microsoftonline.com
1 login.microsoftonline.com contacts-test.raiffeisen.ch
1 raiffeisenstoragedev.blob.core.windows.net
54 10

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
contacts-test.raiffeisen.ch
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-08-06 -
2025-02-06		 6 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
contacts-api-test.raiffeisen.ch
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-04-23 -
2024-10-23		 6 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-07-03 -
2025-06-28		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-06 -
2025-06-01		 a year crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2024-05-09 -
2025-05-09		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2024-05-21 -
2025-05-21		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2024-05-25 -
2025-05-25		 a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2024-05-09 -
2025-05-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&redirect_uri=https%3a%2f%2fcontactifybiztest.b2clogin.com%2fcontactifybiztest.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=MfF1VOWjqQg0wwySfDdcyQ%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmRhMmFiNGMtNTYwOC00ZjA2LTg2YmItNzZiYjA5ZjJlNjcyIiwiVElEIjoiOTRjOTQzZjQtMDVlMS00MWExLTk5YzUtYzJiOTQ0MWY5Y2E3IiwiVE9JRCI6Ijc2MjkzZmRiLTgyNjktNGJhOS1hMTEzLWQ5OWFkY2U0NjFjMyJ9
Frame ID: 50722B6D3A3DD2E1790B6636232939D2
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://contacts-test.raiffeisen.ch/ Page URL
  2. https://contactifybiztest.b2clogin.com/contactifybiztest.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize... HTTP 302
    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&... Page URL

Page Statistics

54
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

10
Subdomains

10
IPs

5
Countries

999 kB
Transfer

3173 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://contacts-test.raiffeisen.ch/ Page URL
  2. https://contactifybiztest.b2clogin.com/contactifybiztest.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=86b94ff6-2cd0-48ee-a3b7-a0f6d5dbae61&scope=86b94ff6-2cd0-48ee-a3b7-a0f6d5dbae61%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fcontacts-test.raiffeisen.ch%2Fad-redirect&client-request-id=6140b9fd-ddd8-4f03-8472-b0371ecb9c3f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.32.0&client_info=1&code_challenge=c5fa8gOeqBqqLjEV4PB4cU8M21phYgP4OYBt_nnjhpY&code_challenge_method=S256&nonce=f564a123-36bf-4763-882c-48d017c041f5&state=eyJpZCI6IjJjNjZmODUwLTIwZjAtNDEwNi04OTVmLWNhMjFkNDI4YmUyNiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D HTTP 302
    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&redirect_uri=https%3a%2f%2fcontactifybiztest.b2clogin.com%2fcontactifybiztest.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=MfF1VOWjqQg0wwySfDdcyQ%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmRhMmFiNGMtNTYwOC00ZjA2LTg2YmItNzZiYjA5ZjJlNjcyIiwiVElEIjoiOTRjOTQzZjQtMDVlMS00MWExLTk5YzUtYzJiOTQ0MWY5Y2E3IiwiVE9JRCI6Ijc2MjkzZmRiLTgyNjktNGJhOS1hMTEzLWQ5OWFkY2U0NjFjMyJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
contacts-test.raiffeisen.ch/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
22b8eec482c32804d27a4905a16093d7917b24e5e3a7f7c22876fbbc531961c5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
access-control-allow-origin
*
content-encoding
gzip
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
content-type
text/html
date
Wed, 07 Aug 2024 11:07:54 GMT
etag
W/"66a354d7-1ebb"
last-modified
Fri, 26 Jul 2024 07:48:39 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		5 KB
738 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;500&display=swap
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02b712f7df8700b1250afc30abd7ebe3910214de12c809b662c038245009280b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://contacts-test.raiffeisen.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Aug 2024 11:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Aug 2024 09:23:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Aug 2024 11:07:54 GMT
css2
fonts.googleapis.com/ 		2 KB
948 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Playfair+Display&display=swap
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4edd70d08695985c44fb9bb16cc7890e625e4b4a0fb9cffab53b5d8368f3b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://contacts-test.raiffeisen.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Aug 2024 11:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Aug 2024 10:18:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Aug 2024 11:07:54 GMT
styles.118e19533148ddf7.css
contacts-test.raiffeisen.ch/ 		236 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/styles.118e19533148ddf7.css
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
65dc164a2d65e4d5769a6ff5ab1bec2f8b0bc581c31312a5ed3859fec370fedc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-3b09d"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
text/css
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
runtime.b7329c135b614d17.js
contacts-test.raiffeisen.ch/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
f865f398c72454ea11d6e801de666c3dfe4bb22768cceb7f0e1c65a86acfc505
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-1014"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
polyfills.53abc5fed72ddf08.js
contacts-test.raiffeisen.ch/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/polyfills.53abc5fed72ddf08.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
43d772997b48356d078211dfe71ed9ff33326738a5225f49f35ddb6b367731dc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-8488"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
main.1d318b9c8f895e67.js
contacts-test.raiffeisen.ch/ 		1 MB
383 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/main.1d318b9c8f895e67.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
5cc46be727f38a405b8fde664868037eeb4ec800e81446f94b38b767bd34e1f9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-129682"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
FrutigerNextLT-Regular.63af722fd94a3038.otf
contacts-test.raiffeisen.ch/ 		26 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/FrutigerNextLT-Regular.63af722fd94a3038.otf
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/styles.118e19533148ddf7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2164ec40d9e8bad9c1dc8dc4955cf6eb2ab5cb69b4b1109cec2c43e8131fbe87
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/styles.118e19533148ddf7.css
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-68b4"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
de.json
contacts-test.raiffeisen.ch/assets/i18n/ 		22 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/assets/i18n/de.json
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/polyfills.53abc5fed72ddf08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
30d0406fe51930f5f08d1d10134809e431af37e342bc18e959b07c3be58a30b9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://contacts-test.raiffeisen.ch/
traceparent
00-7e64ab61000c439db907cbfb89f0d146-2381da21e4b54c55-01
X-Robots-Tag
noindex
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:39 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d7-5944"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
4879.c9641f20e06bdfc8.js
contacts-test.raiffeisen.ch/ 		1 KB
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/4879.c9641f20e06bdfc8.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
a685afa7dbb4ab6172a785c913f900e8177472c77a51659ab0ae8bc871770b58
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-4b3"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
2439.c92609a5f6eed9f9.js
contacts-test.raiffeisen.ch/ 		132 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/2439.c92609a5f6eed9f9.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
9807dd0e7ca69baabacf13338989694aa0766e346d0726a29cd404bb8e3f1749
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-211ad"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
576.aae820d2ff69d183.js
contacts-test.raiffeisen.ch/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/576.aae820d2ff69d183.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e451e0defdfccecb531f53a7514a4b3c359313243120231dbc7f77fa0a77bef4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-6072"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
user
contacts-api-test.raiffeisen.ch/api/single-user/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contacts-api-test.raiffeisen.ch/api/single-user/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.208.5.32 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent,x-robots-tag
Access-Control-Request-Method
GET
Origin
https://contacts-test.raiffeisen.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-XSRF-TOKEN,X-Robots-Tag,Content-Type,Authorization,traceparent,tracestate
access-control-allow-methods
GET
access-control-allow-origin
https://contacts-test.raiffeisen.ch
date
Wed, 07 Aug 2024 11:07:55 GMT
request-context
appId=cid-v1:242efbed-ca96-47a3-ae10-d8f75a605ad2
server
Kestrel
vary
Origin
info
contacts-api-test.raiffeisen.ch/api/single-user/dedicated-tenant/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contacts-api-test.raiffeisen.ch/api/single-user/dedicated-tenant/info
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.208.5.32 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent,x-robots-tag
Access-Control-Request-Method
GET
Origin
https://contacts-test.raiffeisen.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-XSRF-TOKEN,X-Robots-Tag,Content-Type,Authorization,traceparent,tracestate
access-control-allow-methods
GET
access-control-allow-origin
https://contacts-test.raiffeisen.ch
date
Wed, 07 Aug 2024 11:07:55 GMT
request-context
appId=cid-v1:242efbed-ca96-47a3-ae10-d8f75a605ad2
server
Kestrel
vary
Origin
user
contacts-api-test.raiffeisen.ch/api/single-user/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://contacts-api-test.raiffeisen.ch/api/single-user/user
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/polyfills.53abc5fed72ddf08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.208.5.32 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://contacts-test.raiffeisen.ch/
traceparent
00-7e64ab61000c439db907cbfb89f0d146-f29071e30185499a-01
X-Robots-Tag
noindex
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
Kestrel
vary
Origin
access-control-allow-origin
https://contacts-test.raiffeisen.ch
access-control-allow-credentials
true
content-length
0
request-context
appId=cid-v1:242efbed-ca96-47a3-ae10-d8f75a605ad2
info
contacts-api-test.raiffeisen.ch/api/single-user/dedicated-tenant/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://contacts-api-test.raiffeisen.ch/api/single-user/dedicated-tenant/info
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/polyfills.53abc5fed72ddf08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.208.5.32 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
85a27349a91e938179686119b7f5509012012b0afbe66c65e5f2616ba510bace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://contacts-test.raiffeisen.ch/
traceparent
00-7e64ab61000c439db907cbfb89f0d146-409b94b4eb6b47c7-01
X-Robots-Tag
noindex
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
Kestrel
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://contacts-test.raiffeisen.ch
access-control-allow-credentials
true
api-deprecated-versions
1.0
request-context
appId=cid-v1:242efbed-ca96-47a3-ae10-d8f75a605ad2
favicon.png
contacts-test.raiffeisen.ch/assets/images/ 		5 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/assets/images/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
aeef4086d871b610f402dc4d89ceced22fb74d42cef7b1d377c972a20587434c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:39 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d7-1230"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
track
switzerlandnorth-0.in.applicationinsights.azure.com//v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://switzerlandnorth-0.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.48.68 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://contacts-test.raiffeisen.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Wed, 07 Aug 2024 11:07:54 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
switzerlandnorth-0.in.applicationinsights.azure.com//v2/ 		62 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://switzerlandnorth-0.in.applicationinsights.azure.com//v2/track
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/polyfills.53abc5fed72ddf08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.48.68 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
5e5fbeccb2c4426dbdd4d70dac039d69223ab935c9a43226b24b3ca75a32b637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://contacts-test.raiffeisen.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Wed, 07 Aug 2024 11:07:54 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
common.ae1309d883f6ec1b.js
contacts-test.raiffeisen.ch/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/common.ae1309d883f6ec1b.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
bd636e38d50856c915e741ccf6b0594f6544a5f0f28bd6158e3c6337073647c0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-3c13"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
9599.4df45d868dc13c5e.js
contacts-test.raiffeisen.ch/ 		2 KB
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/9599.4df45d868dc13c5e.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
82ff22dedd2bdf74e9ebf007df351208c9af5ebddb77c79b1d0fb4fc34460d68
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-62b"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
token
contacts-api-test.raiffeisen.ch/api/csrf/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contacts-api-test.raiffeisen.ch/api/csrf/token
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.208.5.32 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent,x-robots-tag
Access-Control-Request-Method
GET
Origin
https://contacts-test.raiffeisen.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-XSRF-TOKEN,X-Robots-Tag,Content-Type,Authorization,traceparent,tracestate
access-control-allow-methods
GET
access-control-allow-origin
https://contacts-test.raiffeisen.ch
date
Wed, 07 Aug 2024 11:07:55 GMT
request-context
appId=cid-v1:242efbed-ca96-47a3-ae10-d8f75a605ad2
server
Kestrel
vary
Origin
token
contacts-api-test.raiffeisen.ch/api/csrf/ 		167 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://contacts-api-test.raiffeisen.ch/api/csrf/token
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/polyfills.53abc5fed72ddf08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.208.5.32 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0707a5987432234f9f382150b9aa370d94e3f525a383891d717570c645acd4ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://contacts-test.raiffeisen.ch/
traceparent
00-7e64ab61000c439db907cbfb89f0d146-89a02bd88dbd4f2b-01
X-Robots-Tag
noindex
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 11:07:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
Kestrel
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://contacts-test.raiffeisen.ch
cache-control
no-cache, no-store
access-control-allow-credentials
true
api-deprecated-versions
1.0
request-context
appId=cid-v1:242efbed-ca96-47a3-ae10-d8f75a605ad2
7912.600898a723b61733.js
contacts-test.raiffeisen.ch/ 		703 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/7912.600898a723b61733.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
ac7c637f047a189f40860cd5a3201929af8388cd27a8fae10cd9ff0935fccaf3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/login
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-2bf"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
799.dc8ddec04c5f6d14.js
contacts-test.raiffeisen.ch/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/799.dc8ddec04c5f6d14.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b193c81f620935caa38acd1317cdff3747b7d4e9f6e94e09a1ac70a24f72dfa5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/login
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-34a0"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
439.2a071e41c97003e6.js
contacts-test.raiffeisen.ch/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/439.2a071e41c97003e6.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
231f7f29d6c4a7679e1fcc35edee24607cf123c8a9adff44909346a86c97a141
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/login
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-3ddb"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
7943.1197d68704f36a3b.js
contacts-test.raiffeisen.ch/ 		908 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/7943.1197d68704f36a3b.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2aa09064b104cde947ebf35b54c0d8cb3f4a1c78365240beb17824d3684a9864
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/login
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-38c"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
345.d70dfe8b2c3acc33.js
contacts-test.raiffeisen.ch/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/345.d70dfe8b2c3acc33.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
f5afb3ee91377dd607905204696cf18ab6e99e29129e507ff5028ccdd11d6cd6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/login
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-36da"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
847.81f70bcdddc157f7.js
contacts-test.raiffeisen.ch/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/847.81f70bcdddc157f7.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b7d751ffe4b62cff393f0405bee8799dfb85ee16ab53c70e6abc64679eae1daa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/login
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-cb7"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
3939.2dd5310593c45b7c.js
contacts-test.raiffeisen.ch/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/3939.2dd5310593c45b7c.js
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/runtime.b7329c135b614d17.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
0295ffafbb008e92123b27b89c40926cae9c6396fdcea6ec88c27e37dd1a55eb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/login
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:36 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d4-2d9a"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
info
contacts-api-test.raiffeisen.ch/api/single-user/dedicated-tenant/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://contacts-api-test.raiffeisen.ch/api/single-user/dedicated-tenant/info
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/polyfills.53abc5fed72ddf08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.208.5.32 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
85a27349a91e938179686119b7f5509012012b0afbe66c65e5f2616ba510bace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://contacts-test.raiffeisen.ch/
traceparent
00-b1b86ea7178e40919cae30fc5ef0055d-ba91c4d6965c4641-01
X-Robots-Tag
noindex
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
Kestrel
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://contacts-test.raiffeisen.ch
access-control-allow-credentials
true
api-deprecated-versions
1.0
request-context
appId=cid-v1:242efbed-ca96-47a3-ae10-d8f75a605ad2
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://contacts-test.raiffeisen.ch/
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:26:38 GMT
x-content-type-options
nosniff
age
70877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11072
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Aug 2025 15:26:38 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://contacts-test.raiffeisen.ch/
Origin
https://contacts-test.raiffeisen.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 12:11:16 GMT
x-content-type-options
nosniff
age
82599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11160
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Aug 2025 12:11:16 GMT
white.svg
contacts-test.raiffeisen.ch/assets/logos/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contacts-test.raiffeisen.ch/assets/logos/white.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
1f4bb853001fd2171323b6c40d701f5dcb24b717982f0fb37c0020f5380676ae
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Jul 2024 07:48:39 GMT
server
nginx
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
etag
W/"66a354d7-1ad0"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
favicon.png
contacts-test.raiffeisen.ch/assets/images/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://contacts-test.raiffeisen.ch/assets/images/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.58.162 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
aeef4086d871b610f402dc4d89ceced22fb74d42cef7b1d377c972a20587434c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://contacts-test.raiffeisen.ch/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
last-modified
Fri, 26 Jul 2024 07:48:39 GMT
server
nginx
etag
W/"66a354d7-1230"
x-frame-options
DENY
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
x-xss-protection
1; mode=block
de
contacts-api-test.raiffeisen.ch/api/localization/language/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contacts-api-test.raiffeisen.ch/api/localization/language/de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.208.5.32 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent,x-robots-tag,x-xsrf-token
Access-Control-Request-Method
PUT
Origin
https://contacts-test.raiffeisen.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-XSRF-TOKEN,X-Robots-Tag,Content-Type,Authorization,traceparent,tracestate
access-control-allow-methods
PUT
access-control-allow-origin
https://contacts-test.raiffeisen.ch
date
Wed, 07 Aug 2024 11:07:55 GMT
request-context
appId=cid-v1:242efbed-ca96-47a3-ae10-d8f75a605ad2
server
Kestrel
vary
Origin
de
contacts-api-test.raiffeisen.ch/api/localization/language/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://contacts-api-test.raiffeisen.ch/api/localization/language/de
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/polyfills.53abc5fed72ddf08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.208.5.32 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://contacts-test.raiffeisen.ch/
X-XSRF-TOKEN
CfDJ8O1R7-lG0aJIknTG6DYQ_PbzhvOJmIEsVFXzUfJngSptgY0H5WS_LuidNnupPkdaQqGk0PozgF0ZdNXnqiENOzsENulvph8z3fViSi5TOqZ_7hcKdl515vOi_4Ja8pL88LU7u1fWJAg5i71i7GBLmjw
traceparent
00-b1b86ea7178e40919cae30fc5ef0055d-56f594ea67e14a7b-01
X-Robots-Tag
noindex
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 11:07:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
Kestrel
vary
Origin
access-control-allow-origin
https://contacts-test.raiffeisen.ch
access-control-allow-credentials
true
api-deprecated-versions
1.0
request-context
appId=cid-v1:242efbed-ca96-47a3-ae10-d8f75a605ad2
styling-Logo-De-e09cecf5-e592-4352-8b9a-f5d508bd9ee6.png
raiffeisenstoragedev.blob.core.windows.net/company-files/72663d96-283b-479c-8132-f064ab607557/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raiffeisenstoragedev.blob.core.windows.net/company-files/72663d96-283b-479c-8132-f064ab607557/styling-Logo-De-e09cecf5-e592-4352-8b9a-f5d508bd9ee6.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.239.251.228 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c624b1d17e53eeea8a2b5618121f1abd0edd1749409202c879dbf66641bcc928

Request headers

Referer
https://contacts-test.raiffeisen.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 07 Aug 2024 11:07:54 GMT
Content-MD5
lpJgHlheY6TuDdpT8IRgCw==
x-ms-server-encrypted
true
x-ms-copy-progress
4436/4436
x-ms-copy-source
https://raiffeisenstoragedev.blob.core.windows.net/company-files/66b680c7-2a62-43da-bd61-5e5e7859995c/styling-Logo-De-e09cecf5-e592-4352-8b9a-f5d508bd9ee6.png
x-ms-copy-status
success
Content-Length
4436
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Thu, 09 Mar 2023 14:00:44 GMT
Last-Modified
Thu, 09 Mar 2023 14:00:44 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8DB20A6AD566C54"
Vary
Origin
Content-Type
image/png
x-ms-request-id
869c7919-701e-0030-13ba-e8195e000000
x-ms-meta-Alias
x-ms-version
2023-01-03
x-ms-copy-id
f682d454-7f80-4b34-8e77-39b6ef0c4d79
Accept-Ranges
bytes
x-ms-copy-completion-time
Thu, 09 Mar 2023 14:00:44 GMT
openid-configuration
contactifybiztest.b2clogin.com/contactifybiztest.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://contactifybiztest.b2clogin.com/contactifybiztest.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/openid-configuration
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/polyfills.53abc5fed72ddf08.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:d0:: Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
606043eda3ecb8fcdd48217a92148fae0c08e378b1cc047853bc55cc101b7587
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-b1b86ea7178e40919cae30fc5ef0055d-28f40f587a8f4a47-01
Referer
https://contacts-test.raiffeisen.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 07 Aug 2024 11:07:55 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://contacts-test.raiffeisen.ch
Public
OPTIONS,TRACE,GET,HEAD,POST
Cache-Control
no-store, must-revalidate, no-cache
Allow
OPTIONS, TRACE, GET, HEAD, POST
x-ms-gateway-requestid
9799ea6d-912d-4686-9aff-c33b68bbb2b2
Content-Length
1386
X-XSS-Protection
1; mode=block
openid-configuration
contactifybiztest.b2clogin.com/contactifybiztest.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://contactifybiztest.b2clogin.com/contactifybiztest.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:d0:: Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
GET
Origin
https://contacts-test.raiffeisen.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
traceparent
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://contacts-test.raiffeisen.ch
Access-Control-Expose-Headers
Content-Length,Content-Encoding
Allow
OPTIONS TRACE GET HEAD POST
Content-Length
0
Date
Wed, 07 Aug 2024 11:07:55 GMT
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
track
switzerlandnorth-0.in.applicationinsights.azure.com//v2/ 		62 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://switzerlandnorth-0.in.applicationinsights.azure.com//v2/track
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/polyfills.53abc5fed72ddf08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.48.68 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e4fa1df5a5a536fe568b31a0d4916ce5b432cc7b480e5ce6edc0967aaee5e231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://contacts-test.raiffeisen.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Wed, 07 Aug 2024 11:07:55 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
Primary Request authorize
login.microsoftonline.com/common/oauth2/v2.0/
Redirect Chain
  • https://contactifybiztest.b2clogin.com/contactifybiztest.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=86b94ff6-2cd0-48ee-a3b7-a0f6d5dbae61&scope=86b94ff6-2cd0-48ee-a3b7-a0f6...
  • https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&redirect_uri=https%3a%2f%2fcontactifybiztest.b2clogin.com%2fcontactifybiztest.onmicroso...
40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&redirect_uri=https%3a%2f%2fcontactifybiztest.b2clogin.com%2fcontactifybiztest.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=MfF1VOWjqQg0wwySfDdcyQ%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmRhMmFiNGMtNTYwOC00ZjA2LTg2YmItNzZiYjA5ZjJlNjcyIiwiVElEIjoiOTRjOTQzZjQtMDVlMS00MWExLTk5YzUtYzJiOTQ0MWY5Y2E3IiwiVE9JRCI6Ijc2MjkzZmRiLTgyNjktNGJhOS1hMTEzLWQ5OWFkY2U0NjFjMyJ9
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/main.1d318b9c8f895e67.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1027:1:158::2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d941fd50baa7c210cd868c84cb1bb34c3e054bad412f5a90991e79f3904d9e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://contacts-test.raiffeisen.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
15224
content-type
text/html; charset=utf-8
date
Wed, 07 Aug 2024 11:07:56 GMT
expires
-1
link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msftauth.net>; rel=dns-prefetch,<https://aadcdn.msauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
DENY
x-ms-ests-server
2.1.18662.4 - NEULR1 ProdSlices
x-ms-request-id
28af0f2b-c515-493d-b3a0-d7ba8bf91900
x-ms-srs
1.P
x-xss-protection
0

Redirect headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Length
694
Content-Type
text/html; charset=utf-8
Date
Wed, 07 Aug 2024 11:07:56 GMT
Location
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&redirect_uri=https%3a%2f%2fcontactifybiztest.b2clogin.com%2fcontactifybiztest.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=MfF1VOWjqQg0wwySfDdcyQ%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmRhMmFiNGMtNTYwOC00ZjA2LTg2YmItNzZiYjA5ZjJlNjcyIiwiVElEIjoiOTRjOTQzZjQtMDVlMS00MWExLTk5YzUtYzJiOTQ0MWY5Y2E3IiwiVE9JRCI6Ijc2MjkzZmRiLTgyNjktNGJhOS1hMTEzLWQ5OWFkY2U0NjFjMyJ9
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
22b715f8-3b89-4fe8-8e57-5acb53a8c772
track
switzerlandnorth-0.in.applicationinsights.azure.com//v2/ 		62 B
120 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://switzerlandnorth-0.in.applicationinsights.azure.com//v2/track
Requested by
Host: contacts-test.raiffeisen.ch
URL: https://contacts-test.raiffeisen.ch/polyfills.53abc5fed72ddf08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.48.68 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://contacts-test.raiffeisen.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Wed, 07 Aug 2024 11:07:55 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		111 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&redirect_uri=https%3a%2f%2fcontactifybiztest.b2clogin.com%2fcontactifybiztest.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=MfF1VOWjqQg0wwySfDdcyQ%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmRhMmFiNGMtNTYwOC00ZjA2LTg2YmItNzZiYjA5ZjJlNjcyIiwiVElEIjoiOTRjOTQzZjQtMDVlMS00MWExLTk5YzUtYzJiOTQ0MWY5Y2E3IiwiVE9JRCI6Ijc2MjkzZmRiLTgyNjktNGJhOS1hMTEzLWQ5OWFkY2U0NjFjMyJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3324) /
Resource Hash
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 11:07:57 GMT
content-encoding
gzip
content-md5
SJgdPPV+fFjKfj6FHvk1Tg==
age
2902092
x-cache
HIT
content-length
20414
x-ms-lease-status
unlocked
last-modified
Wed, 03 Jul 2024 21:49:46 GMT
server
ECAcc (muc/3324)
etag
0x8DC9BAA0E5931F9
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
fdfcbade-801e-002b-1555-ceee02000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_Zq224xFJAG8RoxrKyx8tfA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		439 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Zq224xFJAG8RoxrKyx8tfA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&redirect_uri=https%3a%2f%2fcontactifybiztest.b2clogin.com%2fcontactifybiztest.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=MfF1VOWjqQg0wwySfDdcyQ%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmRhMmFiNGMtNTYwOC00ZjA2LTg2YmItNzZiYjA5ZjJlNjcyIiwiVElEIjoiOTRjOTQzZjQtMDVlMS00MWExLTk5YzUtYzJiOTQ0MWY5Y2E3IiwiVE9JRCI6Ijc2MjkzZmRiLTgyNjktNGJhOS1hMTEzLWQ5OWFkY2U0NjFjMyJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3355) /
Resource Hash
d691b4ab664bb80c23139c56326062c868d1bc9cf1a9e32422b2d28c2ec95456

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 11:07:57 GMT
content-encoding
gzip
content-md5
hLMq6HgYDWeJg1MAx5C8sw==
age
974598
x-cache
HIT
content-length
122075
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jul 2024 21:52:25 GMT
server
ECAcc (muc/3355)
etag
0x8DCA773E8FBEBA8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b25c8371-a01e-00f3-70dc-df26f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_zwemwkpuyugjstly9tezhq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_zwemwkpuyugjstly9tezhq2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&redirect_uri=https%3a%2f%2fcontactifybiztest.b2clogin.com%2fcontactifybiztest.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=MfF1VOWjqQg0wwySfDdcyQ%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmRhMmFiNGMtNTYwOC00ZjA2LTg2YmItNzZiYjA5ZjJlNjcyIiwiVElEIjoiOTRjOTQzZjQtMDVlMS00MWExLTk5YzUtYzJiOTQ0MWY5Y2E3IiwiVE9JRCI6Ijc2MjkzZmRiLTgyNjktNGJhOS1hMTEzLWQ5OWFkY2U0NjFjMyJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3344) /
Resource Hash
aada16c1472519ba77cb2ce71609eb9715ad651bcf059a56a4c04cbdbb082baa

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 11:07:57 GMT
content-encoding
gzip
content-md5
6cHjSFPHOu4WfND0X5rTVQ==
age
2401835
x-cache
HIT
content-length
17599
x-ms-lease-status
unlocked
last-modified
Tue, 09 Jul 2024 17:46:21 GMT
server
ECAcc (muc/3344)
etag
0x8DCA03F0B3995B0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f6c0546e-901e-00f3-77e1-d26db9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&redirect_uri=https%3a%2f%2fcontactifybiztest.b2clogin.com%2fcontactifybiztest.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=MfF1VOWjqQg0wwySfDdcyQ%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmRhMmFiNGMtNTYwOC00ZjA2LTg2YmItNzZiYjA5ZjJlNjcyIiwiVElEIjoiOTRjOTQzZjQtMDVlMS00MWExLTk5YzUtYzJiOTQ0MWY5Y2E3IiwiVE9JRCI6Ijc2MjkzZmRiLTgyNjktNGJhOS1hMTEzLWQ5OWFkY2U0NjFjMyJ9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.75 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers
oneDs_f2e0f4a029670f10d892.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Zq224xFJAG8RoxrKyx8tfA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3334) /
Resource Hash
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 11:07:57 GMT
content-encoding
gzip
content-md5
wegr9xrdYirQ87+FcvY0/A==
age
11695805
x-cache
HIT
content-length
61052
x-ms-lease-status
unlocked
last-modified
Thu, 25 May 2023 17:22:37 GMT
server
ECAcc (muc/3334)
etag
0x8DB5D44A2CEB430
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
02620135-201e-0089-6c5a-7e7e60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		397 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Zq224xFJAG8RoxrKyx8tfA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3331) /
Resource Hash
1ec87632ee58734951aa02813ef07ad377126a39a16f063c181519b98ffffc07

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 11:07:57 GMT
content-encoding
gzip
content-md5
/tr7rG0APA0Nym9G/DMFwg==
age
4017473
x-cache
HIT
content-length
116351
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jun 2024 02:16:51 GMT
server
ECAcc (muc/3331)
etag
0x8DC90CF0C1378C3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1ead470d-a01e-00ad-1c30-c4435b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/ 		17 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3374) /
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 11:07:57 GMT
content-md5
EuPayFgGHQiAI7K9SOL6lg==
age
11695808
x-cache
HIT
content-length
17174
x-ms-lease-status
unlocked
last-modified
Sun, 18 Oct 2020 03:02:30 GMT
server
ECAcc (muc/3374)
etag
0x8D8731240E548EB
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
bcb2f27e-c01e-00bb-375a-7e0975000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3382) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 11:07:57 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
11695802
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:43 GMT
server
ECAcc (muc/3382)
etag
0x8DB5C3F466DE917
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b09678ff-001e-0067-3c5a-7ec90a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/333F) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 11:07:57 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
11695803
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (muc/333F)
etag
0x8DB5C3F495F4B8C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
64afdc3c-601e-00a1-6b5a-7eb742000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Zq224xFJAG8RoxrKyx8tfA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3340) /
Resource Hash
bab311bf22661b153353a159f0ec931dbcb79f950fa37daf9d0ff180cbf45deb

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 11:07:57 GMT
content-encoding
gzip
content-md5
FXzSZAYOwKp2jFj6XjvNRQ==
age
4003257
x-cache
HIT
content-length
35167
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jun 2024 02:16:53 GMT
server
ECAcc (muc/3340)
etag
0x8DC90CF0D8CB039
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2c2f4b9b-901e-0066-2151-c4e208000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3339) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Aug 2024 11:07:58 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
11695813
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (muc/3339)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
06655422-601e-004d-0c5a-7e562c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_6c7dc46bb93924417b57 boolean| __convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae

17 Cookies

Domain/Path Name / Value
contacts-test.raiffeisen.ch/ Name: ai_user
Value: McjXlaIGoyF3jhN63HvSiC|2024-08-07T11:07:54.968Z
contacts-test.raiffeisen.ch/ Name: ai_session
Value: yaJPM/gvru4guM4xr2RdDq|1723028875032|1723028875032
contacts-api-test.raiffeisen.ch/ Name: X-XSRF-TOKEN
Value: CfDJ8O1R7-lG0aJIknTG6DYQ_PaSacSPrDJReTcnUavX958bKRanPGX4RQeG-iGQGRhBhk75pynPM7AlStymB6dmrKadPJekPwPOQQCL_RKZXoW2So8VT8nQwOCDcb3-yzcft5-QERz3RtzNRADNM5pnNUw
contacts-api-test.raiffeisen.ch/ Name: .AspNetCore.Culture
Value: c%3Dde%7Cuic%3Dde
.contactifybiztest.b2clogin.com/ Name: x-ms-cpim-rc:bda2ab4c-5608-4f06-86bb-76bb09f2e672
Value: cFcvdktBNXRWNllRV1RNRjNMZnZBM3Jma055dVdIdTNZMHY0YU9zbHdmYWppa01lQk81Y2c5RWVLTUdKSjNYQkNUUnhISi9JK3JtYlFuZHN4TzJOd3c9PTsyMDI0LTA4LTA3VDExOjA3OjU2LjYzNjg0ODhaO2NlYVZqLzBJcDJjRFRMc1BDL29PbGc9PTt7IlRhcmdldEVudGl0eSI6IkF6dXJlQURDb21tb25FeGNoYW5nZSIsIk9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
.contactifybiztest.b2clogin.com/ Name: x-ms-cpim-cache|9epjloefougzxck5rb-cpw_0
Value: m1.S94nkS82EOnERSb0.fXHC8/fDQMFYYp9MVSLiZw==.0.UlQPhTcH0OuC8cRrH0YhkJX29+O8IqmsFVFPnh6FckVClaNB7PfyWdSCBF3sIg3X06x+1l4KoCiWGdQ+24cf75Yggoxx1DdUwapTHYL98cKuARQgF8YWarw/ZuHTf3EpgV8riwq5pize6bzYcuRLPsHir4QBML99ZENNVHBDulI1FFRC9nJuP0+HLkRPhXS1Y3wMltH+rxoaEikHGPHJKMwhY38qGoLfHYw4d1E/nlt9RqrqZAiMW3LyjONFB6jNQrhdnhiSHNZvt8itQalQGrkxUF6Jzg3O4GiR5SktdsVcOURqB5HSAUba8W47GqnQeqnH6wrNzeIgXqhcT0xxycTcq25wbmz4AzonlXI0EC0SViEQZ0HyGppiiPkBNPtBnh8UVF+OLl0akkdF1eYG0khIHaAHMttU0eNbRXVbJPKRO/GlYeDMqRsdlrfcC2frCKMVpzr0QPC+Uklmkpd8lRWt3PIsFBI9UrkBPBAAwjwhdh3K+b0BzOfTWEeNbGU+GfxSbyJPu6oIeU5avoIlRXsEUegy9oAcT7nfxC0waoKgH0ifJeKN9TT5ndzbx83UkCAYTgMsrLdaN/yybegpCKgny+ZIAvp3mzcPX1mh5QHdbAxHQ2MQV0Cegv4IJLCRkE25XISm0jg24ODtJd6FqgnwtBWV9AFEVijt5JFo6TKaeYIZgEmBp66EfDNzCZrzRWS+kx5NYNUa+rHQu7BkQlfF+J89Q+FHWG6utVa6PlA0rUvVe3s93F36GESFsdRw4kyUAC0K4ND9odMcHqNpc+DRAnYW0Bq5iMt5hbl7ajR11grjlIluPFpbReF4W2h1+E1nvM+kcvqaRGp7ld8BBQoHI4Em0C0O6dwMkc06Lmyh62qTHVF7o9VSQsJACx7/36lR81UCdnjLjPFPZqbO2ahU9fqRh+fdSQtoqorzQF30iJYMf3zOc7VFHgbFeoyiO+C8/c/A5EfHwi8v+IDLaKmKiiQSGgMQA49uZ99SQw9VtOEypwn+0VCWYGMdp95BJXFJCMB9ia37ieitJZg208921ZlkqAZPLb00+VLMZ6zD0kW/EUSSLjp4ps88aI9ot0DI
.contactifybiztest.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6Ijk0Yzk0M2Y0LTA1ZTEtNDFhMS05OWM1LWMyYjk0NDFmOWNhNyIsIlQiOiJjb250YWN0aWZ5Yml6dGVzdC5vbm1pY3Jvc29mdC5jb20iLCJQIjoiYjJjXzFhX3NpZ251cF9zaWduaW4iLCJDIjoiODZiOTRmZjYtMmNkMC00OGVlLWEzYjctYTBmNmQ1ZGJhZTYxIiwiUyI6MSwiTSI6e30sIkQiOjAsIkUiOiIifV0sIkNfSUQiOiI5NGM5NDNmNC0wNWUxLTQxYTEtOTljNS1jMmI5NDQxZjljYTcifQ==
login.microsoftonline.com/ Name: buid
Value: 0.AVwAXkSfSNOKiEmqxHB24tm5bSLHbb-0ypVMmMKenXeod_lcAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYMwhPVJd2DwFm1vWfkI0wXt-vfGd5EvMFhTYbea8shLaTNnJV-cS-rG05PchJyDcK2MKZ9M1pXq4VlHQJ_aAMYhkj6HOU-J3PpTTGUF_zI3YgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYTAKzUqklEOjaAAZ_Vr3JX7zfEul62dRVYlOEFSdaYI1go-v301psIAcRF5Dd7T0k_GFv5Pz1tIuzDqXib6hb05XxrbQV4CgEoESNHuDG7uMO1XMbS5hbwhtOGY6Ge5xWS-UFW5vBvwfoE83Lnsnne57vZLhxLrAyKe8030G9RqQgAA
.login.microsoftonline.com/ Name: esctx-4QpENiwjSeg
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYgrVxhHSs5OsRqQ4rTOGbMgw_TvsdLuqjdUuntImQ1Ujin97jhMaCQ-82wOjyAiTp4U1hchWGz6qWu3oLKB_Gt91bkdZF5iyhjwWAZpMt1qD4eczZz7VOM0-7MCZa3MnEyUugdTtevpW2ubj8TJDOQSAA
login.microsoftonline.com/ Name: fpc
Value: Aun1nBS0b4VNnQcMsCQ1bvnwyMZ2AQAAAIxMRd4OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
login.microsoftonline.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: b17a7c7a-2d46-4c85-8893-c3f8abbf3f11
.login.microsoftonline.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: 67be8a4c5a8b4e37a2fa6a56331b1808
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1723028877&co=1

3 Console Messages

Source Level URL
Text
security error URL: https://contacts-test.raiffeisen.ch/
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
network error URL: https://contacts-api-test.raiffeisen.ch/api/single-user/user
Message:
Failed to load resource: the server responded with a status of 401 ()
recommendation verbose URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bf6dc722-cab4-4c95-98c2-9e9d77a877f9&redirect_uri=https%3a%2f%2fcontactifybiztest.b2clogin.com%2fcontactifybiztest.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=MfF1VOWjqQg0wwySfDdcyQ%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6YmRhMmFiNGMtNTYwOC00ZjA2LTg2YmItNzZiYjA5ZjJlNjcyIiwiVElEIjoiOTRjOTQzZjQtMDVlMS00MWExLTk5YzUtYzJiOTQ0MWY5Y2E3IiwiVE9JRCI6Ijc2MjkzZmRiLTgyNjktNGJhOS1hMTEzLWQ5OWFkY2U0NjFjMyJ9
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; font-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://fonts.gstatic.com; connect-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://www.passsource.com https://*.applicationinsights.azure.com https://*.livediagnostics.monitor.azure.com https://contacts-api-test.raiffeisen.ch https://contacts-api.raiffeisen.ch https://play.google.com https://apps.apple.com; img-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net https://play-lh.googleusercontent.com blob: data:; script-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://contacts-test.raiffeisen.ch https://contacts.raiffeisen.ch; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://contactifybiz.b2clogin.com https://contactifybiztest.b2clogin.com https://login.microsoftonline.com; upgrade-insecure-requests; prefetch-src 'self'; media-src 'self' https://raiffeisenstoragedev.blob.core.windows.net https://raiffeisenstorageprod.blob.core.windows.net blob: data:; manifest-src 'none'; worker-src 'none'; object-src 'none'; child-src 'self'; base-uri 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
contactifybiztest.b2clogin.com
contacts-api-test.raiffeisen.ch
contacts-test.raiffeisen.ch
fonts.googleapis.com
fonts.gstatic.com
login.live.com
login.microsoftonline.com
raiffeisenstoragedev.blob.core.windows.net
switzerlandnorth-0.in.applicationinsights.azure.com
20.190.159.75
20.208.5.32
2603:1026:3000:d0::
2603:1026:3000:d0::6
2603:1027:1:158::2
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2003
51.107.48.68
51.107.58.162
52.239.251.228
0295ffafbb008e92123b27b89c40926cae9c6396fdcea6ec88c27e37dd1a55eb
02b712f7df8700b1250afc30abd7ebe3910214de12c809b662c038245009280b
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0707a5987432234f9f382150b9aa370d94e3f525a383891d717570c645acd4ad
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
1ec87632ee58734951aa02813ef07ad377126a39a16f063c181519b98ffffc07
1f4bb853001fd2171323b6c40d701f5dcb24b717982f0fb37c0020f5380676ae
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d
2164ec40d9e8bad9c1dc8dc4955cf6eb2ab5cb69b4b1109cec2c43e8131fbe87
22b8eec482c32804d27a4905a16093d7917b24e5e3a7f7c22876fbbc531961c5
231f7f29d6c4a7679e1fcc35edee24607cf123c8a9adff44909346a86c97a141
2aa09064b104cde947ebf35b54c0d8cb3f4a1c78365240beb17824d3684a9864
30d0406fe51930f5f08d1d10134809e431af37e342bc18e959b07c3be58a30b9
43d772997b48356d078211dfe71ed9ff33326738a5225f49f35ddb6b367731dc
5cc46be727f38a405b8fde664868037eeb4ec800e81446f94b38b767bd34e1f9
5e5fbeccb2c4426dbdd4d70dac039d69223ab935c9a43226b24b3ca75a32b637
606043eda3ecb8fcdd48217a92148fae0c08e378b1cc047853bc55cc101b7587
65dc164a2d65e4d5769a6ff5ab1bec2f8b0bc581c31312a5ed3859fec370fedc
82ff22dedd2bdf74e9ebf007df351208c9af5ebddb77c79b1d0fb4fc34460d68
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0
85a27349a91e938179686119b7f5509012012b0afbe66c65e5f2616ba510bace
8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
9807dd0e7ca69baabacf13338989694aa0766e346d0726a29cd404bb8e3f1749
a685afa7dbb4ab6172a785c913f900e8177472c77a51659ab0ae8bc871770b58
aada16c1472519ba77cb2ce71609eb9715ad651bcf059a56a4c04cbdbb082baa
ac7c637f047a189f40860cd5a3201929af8388cd27a8fae10cd9ff0935fccaf3
aeef4086d871b610f402dc4d89ceced22fb74d42cef7b1d377c972a20587434c
b193c81f620935caa38acd1317cdff3747b7d4e9f6e94e09a1ac70a24f72dfa5
b4edd70d08695985c44fb9bb16cc7890e625e4b4a0fb9cffab53b5d8368f3b7a
b7d751ffe4b62cff393f0405bee8799dfb85ee16ab53c70e6abc64679eae1daa
bab311bf22661b153353a159f0ec931dbcb79f950fa37daf9d0ff180cbf45deb
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
bd636e38d50856c915e741ccf6b0594f6544a5f0f28bd6158e3c6337073647c0
c624b1d17e53eeea8a2b5618121f1abd0edd1749409202c879dbf66641bcc928
d691b4ab664bb80c23139c56326062c868d1bc9cf1a9e32422b2d28c2ec95456
d941fd50baa7c210cd868c84cb1bb34c3e054bad412f5a90991e79f3904d9e4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e451e0defdfccecb531f53a7514a4b3c359313243120231dbc7f77fa0a77bef4
e4fa1df5a5a536fe568b31a0d4916ce5b432cc7b480e5ce6edc0967aaee5e231
f5afb3ee91377dd607905204696cf18ab6e99e29129e507ff5028ccdd11d6cd6
f865f398c72454ea11d6e801de666c3dfe4bb22768cceb7f0e1c65a86acfc505