id.mobility.ch Open in urlscan Pro
35.158.28.238 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.mobility.ch/fr/login/
Effective URL:
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug...
Submission: On February 13 via api (February 13th 2023, 6:19:59 pm UTC) from CH — Scanned from DE

Summary HTTP 61 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 4 domains to perform 61 HTTP transactions. The main IP is 35.158.28.238, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is id.mobility.ch.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on March 18th 2022. Valid for: a year.

This is the only time id.mobility.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 9	5.148.183.16 5.148.183.16	29691 (NINE) (NINE)
22	195.65.210.72 195.65.210.72	3303 (SWISSCOM ...) (SWISSCOM Swisscom Switzerland Ltd)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	3.67.55.235 3.67.55.235	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:9600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211a:4000:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
5 29	35.158.28.238 35.158.28.238	16509 (AMAZON-02) (AMAZON-02)
61	8

9 5.148.183.16 (Zurich, Switzerland) 3 redirects

ASN29691 (NINE, CH)
PTR: cabvs108.nine.ch

www.mobility.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 195.65.210.72 (Les Monts-de-Corsier, Switzerland)

ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH)

my.mobility.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.55.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-55-235.eu-central-1.compute.amazonaws.com

api.mobility.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:9600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:4000:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 35.158.28.238 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

id.mobility.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	mobility.ch 8 redirects www.mobility.ch my.mobility.ch api.mobility.ch id.mobility.ch	3 MB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 109	192 KB
1	branch.io api2.branch.io — Cisco Umbrella Rank: 485	598 B
1	app.link app.link — Cisco Umbrella Rank: 2564	595 B
61	4

	Domain	Requested by
29	id.mobility.ch	5 redirects my.mobility.ch id.mobility.ch
22	my.mobility.ch	my.mobility.ch
9	www.mobility.ch	3 redirects my.mobility.ch
3	www.googletagmanager.com	my.mobility.ch id.mobility.ch
2	api.mobility.ch	my.mobility.ch
1	api2.branch.io	my.mobility.ch
1	app.link	my.mobility.ch
61	7

This site contains links to these domains. Also see Links.

Domain
www.mobility.ch
www.facebook.com
www.youtube.com
twitter.com
instagram.com
www.linkedin.com
www.xing.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
*.mobility.ch GlobalSign RSA OV SSL CA 2018	`2022-03-18` - `2023-04-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-17` - `2023-11-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Frame ID: 82A49C4ACF0F0AA09DE64321A4B941B3
Requests: 60 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-6QTX
Frame ID: B1EE6A8630B08188A6E42EDFCE569A1D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Mobility

Page URL History Show full URLs

https://www.mobility.ch/fr/login/ HTTP 303
https://my.mobility.ch/ Page URL
https://id.mobility.ch/oauth2/authorize?response_type=code&client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&s... HTTP 302
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&c... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

87 %
HTTPS

43 %
IPv6

4
Domains

7
Subdomains

8
IPs

3
Countries

2825 kB
Transfer

10191 kB
Size

6
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mobility.ch/de/search/

Search URL Search Domain Scan URL

URL: https://www.mobility.ch/de/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.mobility.ch/de/help-and-information/contact/
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://www.mobility.ch/de/impressum/
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.mobility.ch/de/sitemap/
Title: Sitemap

Search URL Search Domain Scan URL

URL: http://www.facebook.com/mobility.carsharing.ch

Search URL Search Domain Scan URL

URL: http://www.youtube.com/MobilityCarsharing

Search URL Search Domain Scan URL

URL: https://twitter.com/Mobility_Suisse

Search URL Search Domain Scan URL

URL: https://instagram.com/mobility_carsharing/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mobility-international-ag

Search URL Search Domain Scan URL

URL: https://www.xing.com/company/mobility

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ch/app/mobility-car/id362028864?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ch.mobility.mobidroid.main&hl=de

Search URL Search Domain Scan URL

URL: https://www.mobility.ch/fileadmin/files/documents/factsheets/Mobility_GTC_EN.pdf
Title: Privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.mobility.ch/fr/login/ HTTP 303
https://my.mobility.ch/ Page URL
https://id.mobility.ch/oauth2/authorize?response_type=code&client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&redirect_uri=https%3A%2F%2Fmy.mobility.ch&scope=openid&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk HTTP 302
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.mobility.ch/fr/login/ HTTP 303
https://my.mobility.ch/

Request Chain 24

https://www.mobility.ch/en HTTP 307
https://www.mobility.ch/en/private-customers

Request Chain 54

https://www.mobility.ch/en HTTP 307
https://www.mobility.ch/en/private-customers

Request Chain 57

https://id.mobility.ch/fileadmin/files/mood-videos/mobility-carsharing-skitour.mp4 HTTP 302
https://id.mobility.ch/carbon/admin/login.jsp

Request Chain 58

https://id.mobility.ch/fileadmin/files/mood-videos/Mobility-Video-Business-Home-Laufen.mp4 HTTP 302
https://id.mobility.ch/carbon/admin/login.jsp

Request Chain 59

https://id.mobility.ch/fileadmin/files/mood-videos/mobility-carsharing-winter-skifahren.mp4 HTTP 302
https://id.mobility.ch/carbon/admin/login.jsp

Request Chain 60

https://id.mobility.ch/fileadmin/files/mood-videos/Mobility-Video-Elektroladestation.mp4 HTTP 302
https://id.mobility.ch/carbon/admin/login.jsp

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
my.mobility.ch/
Redirect Chain

https://www.mobility.ch/fr/login/
https://my.mobility.ch/

5 KB
4 KB

175ms
19ms

Document
text/html

195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

cdc879d1c3889f2834364abc7d9cd67b50206ac48dd5090beca9a1633883a95e

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Allow-Origin: *.mobility.ch
Access-Control-Max-Age: 60
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1903
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Feb 2023 18:19:52 GMT
ETag: "1581-5ef0446e6ed00-gzip"
Last-Modified: Sun, 04 Dec 2022 17:55:32 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

Redirect headers

cache-control: max-age=31536000
content-length: 0
content-security-policy: frame-ancestors 'self' *.mobility.ch
content-type: text/html; charset=UTF-8
date: Mon, 13 Feb 2023 18:19:52 GMT
expires: Mon, 13 Feb 2023 18:19:52 GMT
location: https://my.mobility.ch/
referrer-policy: strict-origin
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Origin
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK splash.css
my.mobility.ch/ 7 KB
5 KB 20ms
18ms Stylesheet
text/css 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/splash.css

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

f4beba9fe514443c75d9f945c4aa3e8fbe2628dba862a651272048aaf6a442ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:52 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2945
Last-Modified: Sun, 04 Dec 2022 18:41:20 GMT
Server: Apache
ETag: "1cf6-5ef04eab21400-gzip"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/css
Access-Control-Allow-Origin: *.mobility.ch
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding

GET
H/1.1 200
OK runtime.15ccd3d65dc749d0.js Show response
my.mobility.ch/ 1 KB
3 KB 38ms
18ms Script
application/javascript 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/runtime.15ccd3d65dc749d0.js

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

ececcc62e2c708a15ee30c314eaf07bba09e6249e12f5d4947b190f4c550c920

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.mobility.ch/
Origin: https://my.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:52 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 837
Last-Modified: Sun, 04 Dec 2022 17:55:22 GMT
Server: Apache
ETag: "5c6-5ef04464e5680-gzip"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/javascript
Access-Control-Allow-Origin: *.mobility.ch
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding

GET
H/1.1 200
OK polyfills.46c7b0191d454fed.js Show response
my.mobility.ch/ 161 KB
57 KB 59ms
24ms Script
application/javascript 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/polyfills.46c7b0191d454fed.js

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

eaea9bfee75c4f60c422adf57cfc8c83ea50c591fd18128bf7dc20887a2af3e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.mobility.ch/
Origin: https://my.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:53 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 17:55:22 GMT
Server: Apache
ETag: "28455-5ef04464e5680-gzip"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/javascript
Access-Control-Allow-Origin: *.mobility.ch
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding

GET
H/1.1 200
OK scripts.ed0355b314546953.js Show response
my.mobility.ch/ 243 KB
78 KB 46ms
28ms Script
application/javascript 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/scripts.ed0355b314546953.js

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

50c1edc5a911e7642230300feff98f67afc74d5b3c3a6da51687794bf2b4f99f

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:53 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 17:55:22 GMT
Server: Apache
ETag: "3cd6f-5ef04464e5680-gzip"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/javascript
Access-Control-Allow-Origin: *.mobility.ch
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding

GET
H/1.1 200
OK main.ae187bcda24979cd.js Show response
my.mobility.ch/ 7 MB
2 MB 64ms
29ms Script
application/javascript 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/main.ae187bcda24979cd.js

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

44001276ca765995db5f3b9d1eebc1aad873fb2204563ad0953cb7fc83cd082f

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.mobility.ch/
Origin: https://my.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:53 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 17:55:22 GMT
Server: Apache
ETag: "6b45c6-5ef04464e5680-gzip"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/javascript
Access-Control-Allow-Origin: *.mobility.ch
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding

GET
H/1.1 200
OK styles.1b376ed5432a37e0.css
my.mobility.ch/ 443 KB
66 KB 61ms
27ms Stylesheet
text/css 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/styles.1b376ed5432a37e0.css

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

305343b78508ca024338e1cb168ccef7d88aae6352dddf3c870e887fd45b5165

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:53 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 17:55:22 GMT
Server: Apache
ETag: "6ed3c-5ef04464e5680-gzip"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/css
Access-Control-Allow-Origin: *.mobility.ch
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d3f134a55066dfd0d225ce3314ecdf7f8088422328d2ec771c7dd9b0bbc4d6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK f7b387cf-f3f4-4160-9162-1ca1b75a3615.ab17a478f2f43a59.woff
my.mobility.ch/ 32 KB
34 KB 28ms
18ms Font
font/woff 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/f7b387cf-f3f4-4160-9162-1ca1b75a3615.ab17a478f2f43a59.woff

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

e38ce2c162ff2e0cab6d180ef39fa4c38fd523f6f5eab50a3c3ff7010b416949

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.mobility.ch/
Origin: https://my.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:53 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Last-Modified: Sun, 04 Dec 2022 17:55:22 GMT
Server: Apache
ETag: "80e8-5ef04464e5680"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: font/woff
Access-Control-Allow-Origin: *.mobility.ch
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Content-Length: 33000

GET
H/1.1 200
OK environment.json
my.mobility.ch/ 10 KB
12 KB 19ms
18ms Fetch
application/json 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/environment.json

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/polyfills.46c7b0191d454fed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:53 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Last-Modified: Sun, 04 Dec 2022 18:56:48 GMT
Server: Apache
ETag: "291b-5ef0522023c00"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: *.mobility.ch
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Content-Length: 10523

GET
H/1.1 200
OK tenant.config.json
my.mobility.ch/ 9 KB
11 KB 20ms
19ms Fetch
application/json 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/tenant.config.json

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/polyfills.46c7b0191d454fed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:53 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Last-Modified: Sun, 04 Dec 2022 18:56:50 GMT
Server: Apache
ETag: "23bd-5ef052220c080"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: *.mobility.ch
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Content-Length: 9149

GET
H/1.1 200
OK datatrans-1.0.2.js
my.mobility.ch/assets/ 7 KB
4 KB 20ms
20ms Script
application/javascript 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/assets/datatrans-1.0.2.js

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/main.ae187bcda24979cd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:53 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 1886
Last-Modified: Sun, 04 Dec 2022 17:55:30 GMT
Server: Apache
ETag: "1b31-5ef0446c86880-gzip"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/javascript
Access-Control-Allow-Origin: *.mobility.ch
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding

GET
H2 200 gtm.js
www.googletagmanager.com/ 339 KB
96 KB 139ms
59ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-6QTX&l=digitalData

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97842
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:01:03 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 18:19:54 GMT

GET
H2 200 ns.html
www.googletagmanager.com/ Frame B1EE 266 B
411 B 126ms
49ms Document
text/html 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-6QTX

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/main.ae187bcda24979cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.mobility.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 18:19:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

OPTIONS
H2 200 client
api.mobility.ch/classic/10/v2/v2.0/public/settings/ Frame 0
0 151ms
8ms Preflight 3.67.55.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mobility.ch/classic/10/v2/v2.0/public/settings/client
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.55.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-55-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: app-key
Access-Control-Request-Method: GET
Origin: https://my.mobility.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

accept: */*
accept-encoding: gzip, deflate, br
access-control-allow-headers: authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction,mobisys-session-token,x-http-method-override,App-Key,Authorization
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers
access-control-request-headers: app-key
access-control-request-method: GET
cache-control: no-cache
date: Mon, 13 Feb 2023 18:19:54 GMT
host: api.mobility.ch
origin: https://my.mobility.ch
pragma: no-cache
referer: https://my.mobility.ch/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
x-amzn-trace-id: Root=1-63ea7f4a-46c79289508bef8e17725006
x-forwarded-for: 185.213.155.164
x-forwarded-port: 443
x-forwarded-proto: https

GET
H2 200 client
api.mobility.ch/classic/10/v2/v2.0/public/settings/ 821 B
2 KB 29ms
29ms XHR
application/json 3.67.55.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mobility.ch/classic/10/v2/v2.0/public/settings/client

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/polyfills.46c7b0191d454fed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.67.55.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-55-235.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json;charset=UTF-8
Referer: https://my.mobility.ch/
App-Key: 936ab40c2c4f0c86d7af268818e9be65
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
referrer-policy: no-referrer
content-security-policy: default-src 'self'; frame-ancestors 'self'; frame-src 'self'
x-frame-options: DENY
access-control-allow-methods: GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://my.mobility.ch
access-control-expose-headers: location, content-disposition
cache-control: no-cache
access-control-allow-credentials: true
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
access-control-allow-headers: authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction,mobisys-session-token,x-http-method-override,App-Key,Authorization

GET
H/1.1 200
OK en.json
my.mobility.ch/assets/i18n/ 79 KB
81 KB 19ms
18ms XHR
application/json 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/assets/i18n/en.json

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/polyfills.46c7b0191d454fed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.mobility.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Last-Modified: Sun, 04 Dec 2022 18:41:20 GMT
Server: Apache
ETag: "13cc7-5ef04eab21400"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: *.mobility.ch
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Content-Length: 81095

GET
H2 200 _r
app.link/ 91 B
595 B 181ms
163ms Script
text/javascript 2600:9000:2057:9600:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.58.0&branch_key=key_live_ccTQs4FvlpMrmi23unG9domhvFl0p0XC&callback=branch_callback__0

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/main.ae187bcda24979cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
etag: W/"5b-Z6Vk8QYPHr0o/VPSG7ImzSfkS8g"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: aJsh3E-s78YqM6SbbusmyHNO9AtFmyhxIWwwZTShNuqLGxxDdTSjgA==

GET
H/1.1 200
OK logo.svg
my.mobility.ch/assets/images/ 4 KB
6 KB 34ms
34ms Image
image/svg+xml 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.mobility.ch/assets/images/logo.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Last-Modified: Sun, 04 Dec 2022 18:41:20 GMT
Server: Apache
ETag: "1048-5ef04eab21400"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *.mobility.ch
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Content-Length: 4168

GET
H/1.1 200
OK app-store-dark-EN.a2e763b82653be76.svg
my.mobility.ch/ 11 KB
12 KB 36ms
36ms Image
image/svg+xml 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.mobility.ch/app-store-dark-EN.a2e763b82653be76.svg

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/styles.1b376ed5432a37e0.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/styles.1b376ed5432a37e0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Last-Modified: Sun, 04 Dec 2022 17:55:22 GMT
Server: Apache
ETag: "2a34-5ef04464e5680"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *.mobility.ch
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Content-Length: 10804

GET
H/1.1 200
OK google-play-dark-EN.791bcb57b81d7cd1.svg
my.mobility.ch/ 9 KB
10 KB 37ms
36ms Image
image/svg+xml 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.mobility.ch/google-play-dark-EN.791bcb57b81d7cd1.svg

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/styles.1b376ed5432a37e0.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/styles.1b376ed5432a37e0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Last-Modified: Sun, 04 Dec 2022 17:55:22 GMT
Server: Apache
ETag: "2252-5ef04464e5680"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *.mobility.ch
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Content-Length: 8786

GET
H/1.1 200
OK brandicons.d3adfe5e1cce901b.woff
my.mobility.ch/ 27 KB
29 KB 38ms
37ms Font
font/woff 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/brandicons.d3adfe5e1cce901b.woff

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/styles.1b376ed5432a37e0.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.mobility.ch/styles.1b376ed5432a37e0.css
Origin: https://my.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Last-Modified: Sun, 04 Dec 2022 17:55:22 GMT
Server: Apache
ETag: "6bb8-5ef04464e5680"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: font/woff
Access-Control-Allow-Origin: *.mobility.ch
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Content-Length: 27576

GET
H/1.1 200
OK 03aaa120-6cbd-477a-9d8d-8a7ac97fd0b0.c81e61261718aca3.woff
my.mobility.ch/ 30 KB
0 39ms
38ms Font
font/woff 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/03aaa120-6cbd-477a-9d8d-8a7ac97fd0b0.c81e61261718aca3.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.mobility.ch/
Origin: https://my.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Last-Modified: Sun, 04 Dec 2022 17:55:22 GMT
Server: Apache
ETag: "83b5-5ef04464e5680"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: font/woff
Access-Control-Allow-Origin: *.mobility.ch
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Content-Length: 33717

GET
H/1.1 200
OK fontawesome-webfont.e9955780856cf8aa.woff2
my.mobility.ch/ 75 KB
77 KB 228ms
228ms Font
font/woff2 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/fontawesome-webfont.e9955780856cf8aa.woff2?v=4.7.0

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/styles.1b376ed5432a37e0.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.mobility.ch/styles.1b376ed5432a37e0.css
Origin: https://my.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:19:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Last-Modified: Sun, 04 Dec 2022 17:55:22 GMT
Server: Apache
ETag: "12d68-5ef04464e5680"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: font/woff2
Access-Control-Allow-Origin: *.mobility.ch
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Content-Length: 77160

GET
H2

200

private-customers
www.mobility.ch/en/
Redirect Chain

https://www.mobility.ch/en
https://www.mobility.ch/en/private-customers

46 KB
10 KB

24ms
23ms

XHR
text/html

5.148.183.16
NINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mobility.ch/en/private-customers

Protocol

Server

5.148.183.16 Zurich, Switzerland, ASN29691 (NINE, CH),

Reverse DNS

cabvs108.nine.ch

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.mobility.ch
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires: Mon, 13 Feb 2023 18:19:54 GMT
date: Mon, 13 Feb 2023 18:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
server: Apache
content-security-policy: frame-ancestors 'self' *.mobility.ch
referrer-policy: strict-origin
vary: Accept-Encoding,Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://my.mobility.ch
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

Redirect headers

expires: Mon, 13 Feb 2023 18:19:54 GMT
date: Mon, 13 Feb 2023 18:19:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.mobility.ch
server: Apache
referrer-policy: strict-origin
vary: Accept-Encoding,Origin
content-type: text/html; charset=UTF-8
location: https://www.mobility.ch/en/private-customers
access-control-allow-origin: https://my.mobility.ch
cache-control: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

POST
H2 200 open
api2.branch.io/v1/ 274 B
598 B 234ms
195ms XHR
application/json 2600:9000:211a:4000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/polyfills.46c7b0191d454fed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://my.mobility.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
via: 1.1 4e3b2e1fa2acb7612ea516b89c06af70.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 274
x-amz-cf-id: 3Lc0d-6gzW-En1PZjgc7M3LSIpbbEZoKBv4nIit1yRfWqEXQRAU36w==

GET
H2 200 portal.css
www.mobility.ch/typo3conf/ext/mobility/Templates/Mobility/Resources/Public/Css/ 22 KB
3 KB 16ms
16ms Stylesheet
text/css 5.148.183.16
NINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mobility.ch/typo3conf/ext/mobility/Templates/Mobility/Resources/Public/Css/portal.css

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.148.183.16 Zurich, Switzerland, ASN29691 (NINE, CH),

Reverse DNS

cabvs108.nine.ch

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.mobility.ch
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 09:30:53 GMT
server: Apache
content-security-policy: frame-ancestors 'self' *.mobility.ch
referrer-policy: strict-origin
vary: Accept-Encoding,Origin
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3417
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2024 18:19:54 GMT

GET
H2 200 portal.js
www.mobility.ch/typo3conf/ext/mobility/Templates/Mobility/Resources/Public/JavaScript/ 58 KB
21 KB 18ms
17ms Script
application/javascript 5.148.183.16
NINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mobility.ch/typo3conf/ext/mobility/Templates/Mobility/Resources/Public/JavaScript/portal.js

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.148.183.16 Zurich, Switzerland, ASN29691 (NINE, CH),

Reverse DNS

cabvs108.nine.ch

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.mobility.ch
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 09:30:53 GMT
server: Apache
content-security-policy: frame-ancestors 'self' *.mobility.ch
referrer-policy: strict-origin
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20901
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2024 18:19:54 GMT

GET
H/1.1 206
Partial Content mobility-carsharing-skitour.mp4
my.mobility.ch/fileadmin/files/mood-videos/ 5 KB
7 KB 37ms
36ms Media
text/html 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/fileadmin/files/mood-videos/mobility-carsharing-skitour.mp4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.mobility.ch/login
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 13 Feb 2023 18:19:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Content-Range: bytes 0-5504/5505
Connection: keep-alive
Content-Length: 5505
Last-Modified: Sun, 04 Dec 2022 17:55:32 GMT
Server: Apache
ETag: "1581-5ef0446e6ed00"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *.mobility.ch
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding

GET
H/1.1 206
Partial Content Mobility-Video-Business-Home-Laufen.mp4
my.mobility.ch/fileadmin/files/mood-videos/ 5 KB
7 KB 18ms
18ms Media
text/html 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/fileadmin/files/mood-videos/Mobility-Video-Business-Home-Laufen.mp4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.mobility.ch/login
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 13 Feb 2023 18:19:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Content-Range: bytes 0-5504/5505
Connection: keep-alive
Content-Length: 5505
Last-Modified: Sun, 04 Dec 2022 17:55:32 GMT
Server: Apache
ETag: "1581-5ef0446e6ed00"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *.mobility.ch
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding

GET
H/1.1 206
Partial Content mobility-carsharing-winter-skifahren.mp4
my.mobility.ch/fileadmin/files/mood-videos/ 5 KB
7 KB 19ms
19ms Media
text/html 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/fileadmin/files/mood-videos/mobility-carsharing-winter-skifahren.mp4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.mobility.ch/login
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 13 Feb 2023 18:19:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Content-Range: bytes 0-5504/5505
Connection: keep-alive
Content-Length: 5505
Last-Modified: Sun, 04 Dec 2022 17:55:32 GMT
Server: Apache
ETag: "1581-5ef0446e6ed00"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *.mobility.ch
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding

GET
H/1.1 206
Partial Content Mobility-Video-Elektroladestation.mp4
my.mobility.ch/fileadmin/files/mood-videos/ 5 KB
7 KB 19ms
18ms Media
text/html 195.65.210.72
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.mobility.ch/fileadmin/files/mood-videos/Mobility-Video-Elektroladestation.mp4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.65.210.72 Les Monts-de-Corsier, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.mobility.ch/login
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 13 Feb 2023 18:19:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Content-Range: bytes 0-5504/5505
Connection: keep-alive
Content-Length: 5505
Last-Modified: Sun, 04 Dec 2022 17:55:32 GMT
Server: Apache
ETag: "1581-5ef0446e6ed00"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *.mobility.ch
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding

POST pageview
api2.branch.io/v1/ 0
0

GET
H2

200

Primary Request login.do Show response
id.mobility.ch/mob-authenticationendpoint/
Redirect Chain

https://id.mobility.ch/oauth2/authorize?response_type=code&client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&redirect_uri=...
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCal...

24 KB
7 KB

10ms
9ms

Document
text/html

35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/main.ae187bcda24979cd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

b0ab7252fa7eb49821c0f9d7ded7ea89ce83cee1d21361db810316674006e8a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.mobility.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 13 Feb 2023 18:19:54 GMT
server: WSO2 Carbon Server
vary: accept-encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Mon, 13 Feb 2023 18:19:54 GMT
location: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
server: WSO2 Carbon Server
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET 03aaa120-6cbd-477a-9d8d-8a7ac97fd0b0.122802df43503764.ttf
my.mobility.ch/ 0
0

GET
H2 200 bootstrap.min.css
id.mobility.ch/mob-authenticationendpoint/libs/bootstrap_3.4.1/css/ 119 KB
20 KB 20ms
18ms Stylesheet
text/css 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/libs/bootstrap_3.4.1/css/bootstrap.min.css

Requested by

Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"121457-1668099042000"
x-frame-options: DENY
vary: accept-encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 Roboto.css
id.mobility.ch/mob-authenticationendpoint/css/ 301 B
855 B 43ms
41ms Stylesheet
text/css 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/css/Roboto.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

a0db4ef06ad7172414ba48c35c5d1308c9b0e43e1c0a3497fd5eb9bea994fc50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"301-1668099042000"
x-frame-options: DENY
content-type: text/css
accept-ranges: bytes
content-length: 301
x-xss-protection: 1; mode=block

GET
H2 200 custom-common.css
id.mobility.ch/mob-authenticationendpoint/css/ 43 KB
30 KB 34ms
32ms Stylesheet
text/css 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/css/custom-common.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

0474be459f51345d8ff9a46704863ee538873de69bb0e1d4558d559b3679bfc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"43595-1668099042000"
x-frame-options: DENY
vary: accept-encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 custom-mob.css
id.mobility.ch/mob-authenticationendpoint/css/ 482 KB
67 KB 47ms
46ms Stylesheet
text/css 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

6084027a20434e47b7da0d5184cb722903cee1e0c6886e177cc80e587595fa68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"493248-1668099042000"
x-frame-options: DENY
vary: accept-encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 header-custom.css
id.mobility.ch/mob-authenticationendpoint/css/ 8 KB
2 KB 39ms
38ms Stylesheet
text/css 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/css/header-custom.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

07b701483657a4bc992b47bf272f18f0cdd338d5930fc3d0d7a2e7de535f6c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"8211-1668099042000"
x-frame-options: DENY
vary: accept-encoding
content-type: text/css
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 login-custom.css
id.mobility.ch/mob-authenticationendpoint/css/ 262 B
815 B 38ms
37ms Stylesheet
text/css 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/css/login-custom.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

03a61ec53ce1dc1857273cdc0ee8115f071981328aecc90c5b804cd613335797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"262-1668099042000"
x-frame-options: DENY
content-type: text/css
accept-ranges: bytes
content-length: 262
x-xss-protection: 1; mode=block

GET
H2 200 custom-scripts.js Show response
id.mobility.ch/mob-authenticationendpoint/js/ 2 KB
2 KB 31ms
31ms Script
application/javascript 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/js/custom-scripts.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

61bf6ab4a62c68cf46a2039b62ddeefa185fa8f613f1d8705d8814650dff3f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"1705-1668099042000"
x-frame-options: DENY
content-type: application/javascript
accept-ranges: bytes
content-length: 1705
x-xss-protection: 1; mode=block

GET
H2 200 logo-inverse.svg
id.mobility.ch/mob-authenticationendpoint/images/ 4 KB
5 KB 9ms
8ms Image
image/svg+xml 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id.mobility.ch/mob-authenticationendpoint/images/logo-inverse.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

0b7cc002b44514cf7a1a5f0a29b7857b0e5486b3ed3b775fa596969153a7eaa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"4168-1668099042000"
x-frame-options: DENY
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4168
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.4.1.js Show response
id.mobility.ch/mob-authenticationendpoint/libs/jquery_3.4.1/ 286 KB
83 KB 18ms
18ms Script
application/javascript 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/libs/jquery_3.4.1/jquery-3.4.1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

3f80e8e5e1945b57180397b363fb0a747e1e99cf492d59b4f8cd09bfb239f2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"292564-1668099042000"
x-frame-options: DENY
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.js Show response
id.mobility.ch/mob-authenticationendpoint/libs/bootstrap_3.4.1/js/ 39 KB
11 KB 10ms
10ms Script
application/javascript 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/libs/bootstrap_3.4.1/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"39680-1668099042000"
x-frame-options: DENY
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 339 KB
96 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-6QTX&l=digitalData

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

361d98805774cc912b761a1dac0ea01c400a971faea935a30d094069458de029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97842
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:01:03 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 18:19:54 GMT

GET
H2 200 brandicons.woff
id.mobility.ch/mob-authenticationendpoint/fonts/brandicons/ 27 KB
28 KB 9ms
8ms Font
text/plain 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/fonts/brandicons/brandicons.woff

Requested by

Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

eb54538b38adb5c580996dfd6d3777a654e1f1624ac62544085f349b578a96de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Origin: https://id.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"27576-1668099042000"
x-frame-options: DENY
accept-ranges: bytes
content-length: 27576
x-xss-protection: 1; mode=block

GET
H2 200 f7b387cf-f3f4-4160-9162-1ca1b75a3615.woff
id.mobility.ch/mob-authenticationendpoint/fonts/bentonsansregular/ 32 KB
33 KB 9ms
9ms Font
text/plain 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/fonts/bentonsansregular/f7b387cf-f3f4-4160-9162-1ca1b75a3615.woff

Requested by

Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

9cd9d986bd6ebf947d9a38a18e0593788ccb22e6bf6372cb83105de2eabc1930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Origin: https://id.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"33000-1668099042000"
x-frame-options: DENY
accept-ranges: bytes
content-length: 33000
x-xss-protection: 1; mode=block

GET
H2 200 03aaa120-6cbd-477a-9d8d-8a7ac97fd0b0.woff
id.mobility.ch/mob-authenticationendpoint/fonts/bentonsansbold/ 33 KB
34 KB 10ms
10ms Font
text/plain 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/fonts/bentonsansbold/03aaa120-6cbd-477a-9d8d-8a7ac97fd0b0.woff

Requested by

Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-common.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

3908afbaf3d191c01bbb354f8ff994174f9cd8b02f49dd971915fe1af82d432d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://id.mobility.ch/mob-authenticationendpoint/css/custom-common.css
Origin: https://id.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"33717-1668099042000"
x-frame-options: DENY
accept-ranges: bytes
content-length: 33717
x-xss-protection: 1; mode=block

GET
H2 200 password-strength-closed.svg
id.mobility.ch/mob-authenticationendpoint/images/ 2 KB
2 KB 8ms
8ms Image
image/svg+xml 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id.mobility.ch/mob-authenticationendpoint/images/password-strength-closed.svg

Requested by

Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-common.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

961c12a9132a00305c79b1a4cd0eadf6d56663aea57d6cec1950a0d655791f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/css/custom-common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"1897-1668099042000"
x-frame-options: DENY
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1897
x-xss-protection: 1; mode=block

GET
H2 200 app-store-dark-EN.svg
id.mobility.ch/mob-authenticationendpoint/images/ 11 KB
11 KB 9ms
8ms Image
image/svg+xml 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id.mobility.ch/mob-authenticationendpoint/images/app-store-dark-EN.svg

Requested by

Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"10804-1668099042000"
x-frame-options: DENY
content-type: image/svg+xml
accept-ranges: bytes
content-length: 10804
x-xss-protection: 1; mode=block

GET
H2 200 google-play-dark-EN.svg
id.mobility.ch/mob-authenticationendpoint/images/ 9 KB
9 KB 12ms
11ms Image
image/svg+xml 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id.mobility.ch/mob-authenticationendpoint/images/google-play-dark-EN.svg

Requested by

Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

7ef6a4fec06f4e781289ba672e6698a17f4843afac61ccd5e3177871382e1fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"8786-1668099042000"
x-frame-options: DENY
content-type: image/svg+xml
accept-ranges: bytes
content-length: 8786
x-xss-protection: 1; mode=block

GET
H2 200 fontawesome-webfont.woff2
id.mobility.ch/mob-authenticationendpoint/fonts/fontawesome/ 75 KB
76 KB 10ms
9ms Font
text/plain 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Origin: https://id.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"77160-1668099042000"
x-frame-options: DENY
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block

GET
H2 200 glyphicons-halflings-regular.woff2
id.mobility.ch/mob-authenticationendpoint/css/ 18 KB
18 KB 11ms
10ms Font
text/plain 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/mob-authenticationendpoint/css/glyphicons-halflings-regular.woff2

Requested by

Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Origin: https://id.mobility.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:50:42 GMT
server: WSO2 Carbon Server
etag: W/"18028-1668099042000"
x-frame-options: DENY
accept-ranges: bytes
content-length: 18028
x-xss-protection: 1; mode=block

GET
H2 200 logincontext Show response
id.mobility.ch/ 20 B
607 B 8ms
8ms XHR
application/json 35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.mobility.ch/logincontext?sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&tenantDomain=carbon.super

Requested by

Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/libs/jquery_3.4.1/jquery-3.4.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-28-238.eu-central-1.compute.amazonaws.com

Software

WSO2 Carbon Server /

Resource Hash

912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:54 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'
referrer-policy: same-origin
server: WSO2 Carbon Server
content-type: application/json;charset=UTF-8
content-length: 20
x-xss-protection: 1; mode=block

GET
H2

200

private-customers Show response
www.mobility.ch/en/
Redirect Chain

https://www.mobility.ch/en
https://www.mobility.ch/en/private-customers

46 KB
10 KB

27ms
27ms

XHR
text/html

5.148.183.16
NINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mobility.ch/en/private-customers

Protocol

Server

5.148.183.16 Zurich, Switzerland, ASN29691 (NINE, CH),

Reverse DNS

cabvs108.nine.ch

Software

Apache /

Resource Hash

0014ee578f9d0e3a43ddb5b76c79f322d9e5e5af8d29dc1123b95d24309aa155

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.mobility.ch
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires: Mon, 13 Feb 2023 18:19:55 GMT
date: Mon, 13 Feb 2023 18:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
server: Apache
content-security-policy: frame-ancestors 'self' *.mobility.ch
referrer-policy: strict-origin
vary: Accept-Encoding,Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://id.mobility.ch
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

Redirect headers

expires: Mon, 13 Feb 2023 18:19:54 GMT
date: Mon, 13 Feb 2023 18:19:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.mobility.ch
server: Apache
referrer-policy: strict-origin
vary: Accept-Encoding,Origin
content-type: text/html; charset=UTF-8
location: https://www.mobility.ch/en/private-customers
access-control-allow-origin: https://id.mobility.ch
cache-control: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 portal.css
www.mobility.ch/typo3conf/ext/mobility/Templates/Mobility/Resources/Public/Css/ 22 KB
3 KB 15ms
15ms Stylesheet
text/css 5.148.183.16
NINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mobility.ch/typo3conf/ext/mobility/Templates/Mobility/Resources/Public/Css/portal.css

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.148.183.16 Zurich, Switzerland, ASN29691 (NINE, CH),

Reverse DNS

cabvs108.nine.ch

Software

Apache /

Resource Hash

9d1ef2328ef3c697917c4a6ed9de983c683fb57d6c8aa2ffeaee1d41fed0af2f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.mobility.ch
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 09:30:53 GMT
server: Apache
content-security-policy: frame-ancestors 'self' *.mobility.ch
referrer-policy: strict-origin
vary: Accept-Encoding,Origin
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3417
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2024 18:19:55 GMT

GET
H2 200 portal.js Show response
www.mobility.ch/typo3conf/ext/mobility/Templates/Mobility/Resources/Public/JavaScript/ 58 KB
21 KB 18ms
18ms Script
application/javascript 5.148.183.16
NINE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mobility.ch/typo3conf/ext/mobility/Templates/Mobility/Resources/Public/JavaScript/portal.js

Requested by

Host: my.mobility.ch
URL: https://my.mobility.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.148.183.16 Zurich, Switzerland, ASN29691 (NINE, CH),

Reverse DNS

cabvs108.nine.ch

Software

Apache /

Resource Hash

05102a91c0e99eee5578d37d84bda884010b48b6e1df58cdf51285c5f868d9fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.mobility.ch
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 09:30:53 GMT
server: Apache
content-security-policy: frame-ancestors 'self' *.mobility.ch
referrer-policy: strict-origin
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20901
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2024 18:19:55 GMT

GET
H2

503

https://id.mobility.ch/fileadmin/files/mood-videos/mobility-carsharing-skitour.mp4
https://id.mobility.ch/carbon/admin/login.jsp

0
0

10ms
9ms

Media
text/html

35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.mobility.ch/carbon/admin/login.jsp
Protocol: H2
Server: 35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-28-238.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:55 GMT
server: awselb/2.0
content-length: 564
content-type: text/html

Redirect headers

date: Mon, 13 Feb 2023 18:19:55 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'
referrer-policy: same-origin
server: WSO2 Carbon Server
location: https://id.mobility.ch/carbon/admin/login.jsp
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

503

https://id.mobility.ch/fileadmin/files/mood-videos/Mobility-Video-Business-Home-Laufen.mp4
https://id.mobility.ch/carbon/admin/login.jsp

0
0

10ms
9ms

Media
text/html

35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.mobility.ch/carbon/admin/login.jsp
Protocol: H2
Server: 35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-28-238.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:55 GMT
server: awselb/2.0
content-length: 564
content-type: text/html

Redirect headers

date: Mon, 13 Feb 2023 18:19:55 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'
referrer-policy: same-origin
server: WSO2 Carbon Server
location: https://id.mobility.ch/carbon/admin/login.jsp
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

503

https://id.mobility.ch/fileadmin/files/mood-videos/mobility-carsharing-winter-skifahren.mp4
https://id.mobility.ch/carbon/admin/login.jsp

564 B
634 B

10ms
10ms

Media
text/html

35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.mobility.ch/carbon/admin/login.jsp
Protocol: H2
Server: 35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-28-238.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: c9f4efb516f17b63f449879cee64db462023abd1da92bb551241ead820a9dcfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:55 GMT
server: awselb/2.0
content-length: 564
content-type: text/html

Redirect headers

date: Mon, 13 Feb 2023 18:19:55 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'
referrer-policy: same-origin
server: WSO2 Carbon Server
location: https://id.mobility.ch/carbon/admin/login.jsp
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

503

https://id.mobility.ch/fileadmin/files/mood-videos/Mobility-Video-Elektroladestation.mp4
https://id.mobility.ch/carbon/admin/login.jsp

564 B
634 B

10ms
10ms

Media
text/html

35.158.28.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.mobility.ch/carbon/admin/login.jsp
Protocol: H2
Server: 35.158.28.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-28-238.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: c9f4efb516f17b63f449879cee64db462023abd1da92bb551241ead820a9dcfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=r82kug13GzVom3WgcgYpXUfXceZ4SaSsq69rRFZcCe0&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fk&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=ai1Dbll0YktKM1FjNnRReTVhUnpveEs4SFhsbGN5WEhXdnRsLlFGQTZrM1Fksemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=b0fc2522-7820-4523-9b78-e2ee9ba4321c&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:19:55 GMT
server: awselb/2.0
content-length: 564
content-type: text/html

Redirect headers

date: Mon, 13 Feb 2023 18:19:55 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'
referrer-policy: same-origin
server: WSO2 Carbon Server
location: https://id.mobility.ch/carbon/admin/login.jsp
content-length: 0
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api2.branch.io
URL: https://api2.branch.io/v1/pageview

Domain: my.mobility.ch
URL: https://my.mobility.ch/03aaa120-6cbd-477a-9d8d-8a7ac97fd0b0.122802df43503764.ttf

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
id.mobility.ch/mob-authenticationendpoint	1969-12-31 23:59:59	Name: JSESSIONID Value: FCBC3A9CA9454D842536583BC91B670DDBA2074E296C865CBC09DF1FCE3C6662A1D4773A8A1A51FFB1480EAC3B6D7C47D9B8270D9BE502577AC46D881EA2086219C248154A8764390D932A93C2CDB4A8A9FA98114240A4D7C58C742527DE2212F66685FA0896F53AFDC5C5E7D9B0D6564330AA07BB98A75B86624ECD6B9CBFCA
.app.link/	1970-01-20 18:24:08	Name: _s Value: YHwpYWUnwP%2BnGqKvBEVu9xiWfVuPrDsKxE6G8OV3EuSJ6PsgFphftcyOoYX%2FuB9F
id.mobility.ch/	1970-01-20 09:48:37	Name: AWSALB Value: tEj2a4EP8hEJBAOQ6Zq33drE2sRm1i3qaCok8PykQfo7T92Z/On3ZAHSZXvdoGj4aSe9P/Klz1QZa5HySK1b3vEsN4qYH1def037X3hzpi5wTlLgVcWi2yPkU71d
id.mobility.ch/	1970-01-20 09:48:37	Name: AWSALBCORS Value: tEj2a4EP8hEJBAOQ6Zq33drE2sRm1i3qaCok8PykQfo7T92Z/On3ZAHSZXvdoGj4aSe9P/Klz1QZa5HySK1b3vEsN4qYH1def037X3hzpi5wTlLgVcWi2yPkU71d
id.mobility.ch/	1969-12-31 23:59:59	Name: JSESSIONID Value: 20EE9AD57EA5AC051340291D2FB0AC04
id.mobility.ch/	1969-12-31 23:59:59	Name: requestedURI Value: ../../fileadmin/files/mood-videos/Mobility-Video-Elektroladestation.mp4

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.mobility.ch/carbon/admin/login.jsp Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://id.mobility.ch/carbon/admin/login.jsp Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://id.mobility.ch/carbon/admin/login.jsp Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://id.mobility.ch/carbon/admin/login.jsp Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' .visualwebsiteoptimizer.com https://cdn.branch.io https://app.link .mobility.ch .licdn.com .mobility-sas.com .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' .visualwebsiteoptimizer.com .mobility-sas.com .mobility.ch .adform.net .bing.com .cookiebot.com .google.com .googletagmanager.com .google-analytics.com .googleapis.com .googleadservices.com .gstatic.com .g.doubleclick.net .pilot.datatrans.biz .pay.sandbox.datatrans.com .getback.ch .facebook.net .facebook.com .guuru.com .globalsign.com www.mobility.ch classicweb.mobility.ch; img-src 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mobility.ch
api2.branch.io
app.link
id.mobility.ch
my.mobility.ch
www.googletagmanager.com
www.mobility.ch
api2.branch.io
my.mobility.ch
195.65.210.72
2600:9000:2057:9600:19:9934:6a80:93a1
2600:9000:211a:4000:11:f728:3040:93a1
2a00:1450:4001:80b::2008
3.67.55.235
35.158.28.238
5.148.183.16
0014ee578f9d0e3a43ddb5b76c79f322d9e5e5af8d29dc1123b95d24309aa155
03a61ec53ce1dc1857273cdc0ee8115f071981328aecc90c5b804cd613335797
0474be459f51345d8ff9a46704863ee538873de69bb0e1d4558d559b3679bfc8
05102a91c0e99eee5578d37d84bda884010b48b6e1df58cdf51285c5f868d9fb
07b701483657a4bc992b47bf272f18f0cdd338d5930fc3d0d7a2e7de535f6c95
0b7cc002b44514cf7a1a5f0a29b7857b0e5486b3ed3b775fa596969153a7eaa7
305343b78508ca024338e1cb168ccef7d88aae6352dddf3c870e887fd45b5165
361d98805774cc912b761a1dac0ea01c400a971faea935a30d094069458de029
3908afbaf3d191c01bbb354f8ff994174f9cd8b02f49dd971915fe1af82d432d
3f80e8e5e1945b57180397b363fb0a747e1e99cf492d59b4f8cd09bfb239f2b4
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
44001276ca765995db5f3b9d1eebc1aad873fb2204563ad0953cb7fc83cd082f
50c1edc5a911e7642230300feff98f67afc74d5b3c3a6da51687794bf2b4f99f
6084027a20434e47b7da0d5184cb722903cee1e0c6886e177cc80e587595fa68
61bf6ab4a62c68cf46a2039b62ddeefa185fa8f613f1d8705d8814650dff3f8c
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919
7ef6a4fec06f4e781289ba672e6698a17f4843afac61ccd5e3177871382e1fbd
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
961c12a9132a00305c79b1a4cd0eadf6d56663aea57d6cec1950a0d655791f5f
9cd9d986bd6ebf947d9a38a18e0593788ccb22e6bf6372cb83105de2eabc1930
9d1ef2328ef3c697917c4a6ed9de983c683fb57d6c8aa2ffeaee1d41fed0af2f
9d3f134a55066dfd0d225ce3314ecdf7f8088422328d2ec771c7dd9b0bbc4d6c
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a0db4ef06ad7172414ba48c35c5d1308c9b0e43e1c0a3497fd5eb9bea994fc50
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
b0ab7252fa7eb49821c0f9d7ded7ea89ce83cee1d21361db810316674006e8a0
c9f4efb516f17b63f449879cee64db462023abd1da92bb551241ead820a9dcfa
cdc879d1c3889f2834364abc7d9cd67b50206ac48dd5090beca9a1633883a95e
e38ce2c162ff2e0cab6d180ef39fa4c38fd523f6f5eab50a3c3ff7010b416949
eaea9bfee75c4f60c422adf57cfc8c83ea50c591fd18128bf7dc20887a2af3e0
eb54538b38adb5c580996dfd6d3777a654e1f1624ac62544085f349b578a96de
ececcc62e2c708a15ee30c314eaf07bba09e6249e12f5d4947b190f4c550c920
f4beba9fe514443c75d9f945c4aa3e8fbe2628dba862a651272048aaf6a442ec

id.mobility.ch Open in urlscan Pro 35.158.28.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

87 %HTTPS

43 %IPv6

4 Domains

7 Subdomains

8 IPs

3 Countries

2825 kBTransfer

10191 kBSize

6 Cookies

14 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

id.mobility.ch Open in urlscan Pro
35.158.28.238 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

87 %
HTTPS

43 %
IPv6

4
Domains

7
Subdomains

8
IPs

3
Countries

2825 kB
Transfer

10191 kB
Size

6
Cookies

61 HTTP transactions
1 data transactions