www.swisspass.ch Open in urlscan Pro
193.203.121.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.tekirdagguncelhaber.net/pass/
Effective URL:
https://www.swisspass.ch/home
Submission: On February 28 via automatic, source phishtank (February 28th 2024, 3:05:01 pm UTC) — Scanned from DE

Summary HTTP 55 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 55 HTTP transactions. The main IP is 193.203.121.166, located in Switzerland and belongs to SBB-CFF-FFS Telecom SBB, CH. The main domain is www.swisspass.ch. The Cisco Umbrella rank of the primary domain is 716677.
TLS certificate: Issued by R3 on January 7th 2024. Valid for: 3 months.

This is the only time www.swisspass.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3036::ac43:d227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	132.148.76.65 132.148.76.65	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
15	193.203.121.166 193.203.121.166	31004 (SBB-CFF-F...) (SBB-CFF-FFS Telecom SBB)
7	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2600:9000:225... 2600:9000:2250:cc00:8:ddec:8f00:21	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:786::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	193.203.121.145 193.203.121.145	31004 (SBB-CFF-F...) (SBB-CFF-FFS Telecom SBB)
55	7

1 2606:4700:3036::ac43:d227 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tekirdagguncelhaber.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 132.148.76.65 (United States) 2 redirects

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 65.76.148.132.host.secureserver.net

www.eazylocks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 193.203.121.166 (Switzerland)

ASN31004 (SBB-CFF-FFS Telecom SBB, CH)

www.swisspass.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.swisspass.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2600:9000:2250:cc00:8:ddec:8f00:21 (United States)

ASN16509 (AMAZON-02, US)

d27la2n6wh4qws.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:786::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.203.121.145 (Switzerland)

ASN31004 (SBB-CFF-FFS Telecom SBB, CH)

resources.swisspass.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cloudfront.net d27la2n6wh4qws.cloudfront.net	883 KB
17	swisspass.ch www.swisspass.ch — Cisco Umbrella Rank: 716677 login.swisspass.ch — Cisco Umbrella Rank: 283707 resources.swisspass.ch	1 MB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 330	140 KB
2	eazylocks.com 2 redirects www.eazylocks.com	487 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 554	312 B
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 448	38 KB
1	tekirdagguncelhaber.net www.tekirdagguncelhaber.net	546 B
55	7

	Domain	Requested by
28	d27la2n6wh4qws.cloudfront.net	www.swisspass.ch d27la2n6wh4qws.cloudfront.net
11	www.swisspass.ch	www.tekirdagguncelhaber.net www.swisspass.ch d27la2n6wh4qws.cloudfront.net
7	cdn.cookielaw.org	www.swisspass.ch cdn.cookielaw.org d27la2n6wh4qws.cloudfront.net
4	login.swisspass.ch	d27la2n6wh4qws.cloudfront.net
2	resources.swisspass.ch
2	www.eazylocks.com	2 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	assets.adobedtm.com	www.swisspass.ch
1	www.tekirdagguncelhaber.net
55	9

This site contains links to these domains. Also see Links.

Domain
login.swisspass.ch
www.sbb.ch

Subject Issuer	Validity	Valid
tekirdagguncelhaber.net GTS CA 1P5	`2024-01-22` - `2024-04-21`	3 months	crt.sh
www.swisspass.ch R3	`2024-01-07` - `2024-04-06`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
login.swisspass.ch R3	`2024-01-07` - `2024-04-06`	3 months	crt.sh
resources.swisspass.ch R3	`2024-01-07` - `2024-04-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.swisspass.ch/home
Frame ID: 4A65089220FEFA03A520C6C7FCA231D2
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

swisspass.ch

Page URL History Show full URLs

https://www.tekirdagguncelhaber.net/pass/ Page URL
https://www.eazylocks.com/swisspass HTTP 301
https://www.eazylocks.com/swisspass/ HTTP 302
https://www.swisspass.ch/home Page URL

Detected technologies

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

55
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

2098 kB
Transfer

4853 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://login.swisspass.ch/pw-reset?provider=swiss_ch&lang=de
Title: Passwort vergessen?

Search URL Search Domain Scan URL

URL: https://www.sbb.ch/de/wettbewerbe/swisspass-plus-winter-wettbewerb.html
Title: Mitspielen und gewinnen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.tekirdagguncelhaber.net/pass/ Page URL
https://www.eazylocks.com/swisspass HTTP 301
https://www.eazylocks.com/swisspass/ HTTP 302
https://www.swisspass.ch/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
www.tekirdagguncelhaber.net/pass/ 76 B
546 B 199ms
143ms Document
text/html 2606:4700:3036::ac43:d227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tekirdagguncelhaber.net/pass/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c9900fdc9d668d-AMS
content-encoding: br
content-type: text/html
date: Wed, 28 Feb 2024 15:04:55 GMT
last-modified: Wed, 28 Feb 2024 10:44:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVuVyAs7IdlMAsLjsMtzIm5KSmMWjyD76dSJlQcFJC8U%2FZthCTySsLAqp%2FbB6Q9%2Bclc%2BHssFzNPoMwi%2FLI6lVMJ86bLE0%2FJRMRq%2BVDlg5BxKHo9TOykOOQT5XUwwBjukngOtXwnBNltGRztgMtg5tYKnCb8JuiklZPQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1

200
OK

Primary Request home Show response
www.swisspass.ch/
Redirect Chain

https://www.eazylocks.com/swisspass
https://www.eazylocks.com/swisspass/
https://www.swisspass.ch/home

4 KB
5 KB

120ms
35ms

Document
text/html

193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swisspass.ch/home

Requested by

Host: www.tekirdagguncelhaber.net
URL: https://www.tekirdagguncelhaber.net/pass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

3a137c40043f518e1861a1dd818d23911020328bb107ad4a971bdb7203111b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tekirdagguncelhaber.net/pass/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 4183
Content-Type: text/html
Date: Wed, 28 Feb 2024 15:04:56 GMT
Feature-Policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Keep-Alive: timeout=10, max=500
Referrer-Policy: same-origin
Server: Apache
Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
accept-ranges: bytes
cache-control: no-cache no-store, no-cache, must-revalidate, post-check=0, pre-check=0
etag: "65deeb5b-1057"
expires: Wed, 28 Feb 2024 15:04:55 GMT
last-modified: Wed, 28 Feb 2024 08:14:19 GMT
pragma: no-cache

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Feb 2024 15:04:55 GMT
Keep-Alive: timeout=5, max=99
Location: https://www.swisspass.ch/home
Server: Apache

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 45ms
23ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.swisspass.ch
URL: https://www.swisspass.ch/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 28 Feb 2024 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OKrCs7nhvutcs03VCUskmw==
age: 36980
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Tue, 27 Feb 2024 03:06:26 GMT
server: cloudflare
etag: 0x8DC37411679B650
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3633ee45-101e-00a5-122a-696ff9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85c99017acfc3645-FRA

GET
H2 200 safari-nomodule.js Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/assets/libs/ 1 KB
1 KB 257ms
19ms Script
application/x-javascript 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/assets/libs/safari-nomodule.js

Requested by

Host: www.swisspass.ch
URL: https://www.swisspass.ch/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed18db3600e1fb6056a4244321df84eb8fc8a38bdb0c8100342aee0111400eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:44 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:42 GMT
server: AmazonS3
etag: W/"3a4ec97c91efae40bad580edfb77e395"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000
x-amz-cf-id: 2ANx3o2foL0jqfzdask001xdMXYxy-aUSGACCmtjKWALXn8HQfoa-w==

GET
H2 200 modernizr.js Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/assets/libs/ 8 KB
4 KB 256ms
18ms Script
application/x-javascript 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/assets/libs/modernizr.js

Requested by

Host: www.swisspass.ch
URL: https://www.swisspass.ch/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4a3d4cf982535aaf485c6e3af9ad1498df5c065adf94eed056f0aa13c31e92ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:44 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:42 GMT
server: AmazonS3
etag: W/"4d11af9e90e621d0f067d464959ebd7b"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000
x-amz-cf-id: bObLjPv0BQ7izgdqYcrfGoqz5FCv0JiapZRUz8ynBAiAAzf_oRwkHQ==

GET
H2 200 launch-6cc731e967aa.min.js Show response
assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/ 124 KB
38 KB 272ms
200ms Script
application/x-javascript 2a02:26f0:7100:786::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/launch-6cc731e967aa.min.js
Requested by: Host: www.swisspass.ch
URL: https://www.swisspass.ch/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:786::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f053f049a78c3afbce0d34f57d0bea4a24f7964d0e1e45197a35c06124b5e357

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 15:04:56 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 12:08:14 GMT
server: AkamaiNetStorage
etag: "d5bf712a6ebd7590bb155ad6e1290f49:1700654894.794356"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 39144
expires: Wed, 28 Feb 2024 16:04:56 GMT

GET
H/1.1 200
OK env.js Show response
www.swisspass.ch/ 4 KB
5 KB 37ms
35ms Script
application/javascript 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swisspass.ch/env.js?v=1709108059

Requested by

Host: www.swisspass.ch
URL: https://www.swisspass.ch/home

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

041c927adc5ad4c19f6287f350460fe74ffab492aca553602dafc1b378b4941c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.swisspass.ch/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 15:04:56 GMT
Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 4067
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
last-modified: Wed, 28 Feb 2024 08:14:19 GMT
Server: Apache
etag: "65deeb5b-fe3"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
cache-control: max-age=31536000
Feature-Policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
accept-ranges: bytes
Keep-Alive: timeout=10, max=499
expires: Thu, 27 Feb 2025 15:04:56 GMT

GET
H2 200 styles.2ca9cdaa64e425a6.css
d27la2n6wh4qws.cloudfront.net/1.11.267/ 408 KB
46 KB 246ms
8ms Stylesheet
text/css 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/styles.2ca9cdaa64e425a6.css

Requested by

Host: www.swisspass.ch
URL: https://www.swisspass.ch/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fe70e3a40775c77c481cdf267601a438d26104db232027597d78c93e18d621ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:44 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: W/"93677b6b1f442e0941a5a24ac151363d"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: QNaLNwNhYDOiRRAp2hK4-wIDWhKN3z9TwKRtmEJkOHloAMDk1Vp0Ig==

GET
H2 200 runtime.ae958c19ad719900.js Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/ 4 KB
3 KB 246ms
9ms Script
application/x-javascript 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/runtime.ae958c19ad719900.js

Requested by

Host: www.swisspass.ch
URL: https://www.swisspass.ch/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f77ae1baaf91b6f567d508f9767a482ca3b83926d8b4e4111eddd9281d458d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.swisspass.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:44 GMT
content-encoding: br
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: W/"ffe359d72c4eb6fc9811d96d4aff987d"
x-frame-options: SAMEORIGIN
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: MBlDlZKWkgEmfqoX9154pRQjNkmlCq-vHEXsDDlZ1sJHRUe6_ZqPlg==

GET
H2 200 polyfills.97b001917a103cc1.js Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/ 276 KB
89 KB 252ms
15ms Script
application/x-javascript 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Requested by

Host: www.swisspass.ch
URL: https://www.swisspass.ch/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c91ce6e4f0098d81c86b6465ccadd0b519f07b3f6afd4a2f313752055be9cde4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.swisspass.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:44 GMT
content-encoding: br
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: W/"9d63e025a3cdb1f6f787ac8a2447dd27"
x-frame-options: SAMEORIGIN
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: 8DTqySIeprBk1pgMSLqkfjfFSz1PT4Ou4r-Z8mT5Gs2eXzOSehYDtQ==

GET
H2 200 scripts.d33dbbc649ce2069.js Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/ 78 KB
23 KB 10ms
9ms Script
application/x-javascript 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/scripts.d33dbbc649ce2069.js

Requested by

Host: www.swisspass.ch
URL: https://www.swisspass.ch/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a40640a46c63c64c8cfbcbb34b30957c7b4f867ae056fe63181d463cac3a7336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:44 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: W/"3061b16f0e7809dab032a67d9b8f1c67"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000
x-amz-cf-id: T2vyy7LGp-bOLCViFOmIBG0ScdN9eYbtrC61cpXZCZlyIdmyZAX8BQ==

GET
H2 200 main.a35e3a7436907adb.js Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/ 2 MB
481 KB 245ms
9ms Script
application/x-javascript 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/main.a35e3a7436907adb.js

Requested by

Host: www.swisspass.ch
URL: https://www.swisspass.ch/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

02f745b554b331621578d2b974856b1276d2d6b8217dcd4522606bd739538c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.swisspass.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:44 GMT
content-encoding: br
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: W/"99589af60396b24e67dca9d6b52b08ee"
x-frame-options: SAMEORIGIN
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: LMgGQ1ktpJ39K4kArV52tgtIF5ZzrJ7l3o03ugSrpnPArtc32wZs5A==

GET
H2 200 e91f4b90-f9aa-4ace-891b-96dd07595d9f.json Show response
cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f/ 4 KB
2 KB 44ms
26ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f/e91f4b90-f9aa-4ace-891b-96dd07595d9f.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b273b1769d76f3fde8aa98d5dd7305f26a18653f6c89736e708af2473140e38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 28 Feb 2024 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 27697
content-md5: opItUm5/oBImgl5rYEJBBA==
content-length: 1535
x-ms-lease-status: unlocked
last-modified: Tue, 13 Jun 2023 10:25:37 GMT
server: cloudflare
etag: 0x8DB6BF887D5C272
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e0806d74-a01e-0009-7b0d-157c50000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85c99017eba53669-FRA
expires: Thu, 29 Feb 2024 15:04:56 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 42ms
27ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 15:04:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 85c990182dbb30d0-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/ 403 KB
97 KB 21ms
20ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 28 Feb 2024 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fuN6EZWNAh2xn3yE+0HSRQ==
age: 36959
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99428
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:48 GMT
server: cloudflare
etag: 0x8DB81B7897E828A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bb61c14c-801e-006c-0ac6-0bd214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85c990192e6b3645-FRA

GET
H2 200 SBBWeb-Light.bc18b368199ae515.woff
d27la2n6wh4qws.cloudfront.net/1.11.267/ 73 KB
74 KB 9ms
8ms Font
application/octet-stream 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/SBBWeb-Light.bc18b368199ae515.woff

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/styles.2ca9cdaa64e425a6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

827f57b69d5c20311780ef5c23fc1ab8437b398b5e052767735177ec842ef338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d27la2n6wh4qws.cloudfront.net/1.11.267/styles.2ca9cdaa64e425a6.css
Origin: https://www.swisspass.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:27:38 GMT
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 95839
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 74672
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:41 GMT
server: AmazonS3
etag: "cd78c9b37c110283ebb483bd7ec231d8"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-amz-cf-id: VuvLOlfiYL7koZvJNZui3BOArYRESF0tkx_cNkpF8aBEbipP4jjN1A==

GET
H2 200 de-ch.json Show response
cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f/ba92dbb5-02d7-443f-8481-b67e4427328b/ 47 KB
13 KB 24ms
24ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f/ba92dbb5-02d7-443f-8481-b67e4427328b/de-ch.json

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ba0189bc4d6a3d77b4cb68e6d4af2fabb6ec28dd41d18d98fa19b79b6fc0e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 28 Feb 2024 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14916
content-md5: 58jvWx/Isb4+bUoXUFZDFg==
content-length: 13181
x-ms-lease-status: unlocked
last-modified: Tue, 13 Jun 2023 10:25:40 GMT
server: cloudflare
etag: 0x8DB6BF889B896B7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1b6dfb40-c01e-0042-1747-238003000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85c99019ad1a3669-FRA
expires: Thu, 29 Feb 2024 15:04:56 GMT

OPTIONS
H/1.1 200
OK openid-configuration
login.swisspass.ch/v3/oev-oauth/rest/oauth2/authorization-servers/swisspass_ch/.well-known/ 0
0 98ms
17ms Preflight
text/html 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.swisspass.ch/v3/oev-oauth/rest/oauth2/authorization-servers/swisspass_ch/.well-known/openid-configuration
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlation-id
Access-Control-Request-Method: GET
Origin: https://www.swisspass.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Authorization, X-Same-Domain, X-Access-Protected-SS, x-correlation-id
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.swisspass.ch
Access-Control-Max-Age: 36000
Connection: Keep-Alive
Content-Length: 491
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 28 Feb 2024 15:04:56 GMT
Keep-Alive: timeout=10, max=500
Server: Apache

GET
H/1.1 200
OK openid-configuration Show response
login.swisspass.ch/v3/oev-oauth/rest/oauth2/authorization-servers/swisspass_ch/.well-known/ 2 KB
3 KB 61ms
24ms XHR
application/json 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.swisspass.ch/v3/oev-oauth/rest/oauth2/authorization-servers/swisspass_ch/.well-known/openid-configuration

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

be95ab7dd6fb6e0fd0427e1d7dc9fd3814a95df023af7b971e8d84406aec6e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Correlation-ID: 47243522-90fd-4d4c-afe4-f7e35d09d9ee
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 15:04:56 GMT
Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
Server-Timing: intid;desc=a5b8bee1ee2f3581
Connection: Keep-Alive
Content-Length: 1860
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: same-origin
Last-Modified: Wed, 28 Feb 2024 15:04:56 GMT
Server: Apache
Access-Control-Max-Age: 36000
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.swisspass.ch
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Feature-Policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Authorization, X-Same-Domain, X-Access-Protected-SS, x-correlation-id
Keep-Alive: timeout=10, max=500
Expires: 0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 13 KB
3 KB 18ms
18ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otFlat.json

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 28 Feb 2024 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: iCAxFkQWfzfDHevR0IbBjg==
age: 24997
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3019
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:41 GMT
server: cloudflare
etag: 0x8DB81B78556557A
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b46454cf-e01e-0037-7691-0ceb2f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85c9901a3d8b3669-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 19ms
19ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 28 Feb 2024 15:04:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 27816
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c95138cc-701e-009c-2490-1794e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85c9901a3d8d3669-FRA

GET
H/1.1 200
OK jwks Show response
login.swisspass.ch/v3/oev-oauth/rest/oauth2/authorization-servers/swisspass_ch/ 434 B
2 KB 25ms
25ms XHR
application/json 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.swisspass.ch/v3/oev-oauth/rest/oauth2/authorization-servers/swisspass_ch/jwks

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

f27e84a63692531be7a580b0e3421cba2c44c7dafcc121d6a0943b6a6c9ddf72

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Correlation-ID: f2ef6ae3-ca09-4a49-848d-162cf32cb7bd
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 15:04:56 GMT
Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
Server-Timing: intid;desc=ba68502896089bc5
Connection: Keep-Alive
Content-Length: 434
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: same-origin
Last-Modified: Wed, 28 Feb 2024 15:04:56 GMT
Server: Apache
Access-Control-Max-Age: 36000
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.swisspass.ch
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Feature-Policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Authorization, X-Same-Domain, X-Access-Protected-SS, x-correlation-id
Keep-Alive: timeout=10, max=499
Expires: 0

OPTIONS
H/1.1 200
OK jwks
login.swisspass.ch/v3/oev-oauth/rest/oauth2/authorization-servers/swisspass_ch/ 0
0 18ms
18ms Preflight
text/html 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.swisspass.ch/v3/oev-oauth/rest/oauth2/authorization-servers/swisspass_ch/jwks
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlation-id
Access-Control-Request-Method: GET
Origin: https://www.swisspass.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Authorization, X-Same-Domain, X-Access-Protected-SS, x-correlation-id
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.swisspass.ch
Access-Control-Max-Age: 36000
Connection: Keep-Alive
Content-Length: 491
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 28 Feb 2024 15:04:56 GMT
Keep-Alive: timeout=10, max=499
Server: Apache

OPTIONS
H2 200 de.json
d27la2n6wh4qws.cloudfront.net/1.11.267/assets/i18n/CORE/ 0
0 26ms
26ms Preflight 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/assets/i18n/CORE/de.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlation-id
Access-Control-Request-Method: GET
Origin: https://www.swisspass.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: x-correlation-id
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
access-control-allow-origin: *
access-control-max-age: 3000
content-length: 0
date: Wed, 28 Feb 2024 15:04:57 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-id: W3FzxYnq5s6lJRXbdtmdGkJT-imrH0RARTfpICzO-KikEsZNlvHJ_A==
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 403
Forbidden authenemail Show response
www.swisspass.ch/public/api/benutzer/v2/accounts/ 0
501 B 28ms
27ms XHR
text/plain 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swisspass.ch/public/api/benutzer/v2/accounts/authenemail

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-Correlation-ID: 1c3f9c39-c544-467a-9582-303df90fd9f5
Referer: https://www.swisspass.ch/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 28 Feb 2024 15:04:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
Referrer-Policy: same-origin
Server: Apache
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
Content-Length: 0
x-xss-protection: 0
expires: 0

GET
H2 200 de.json Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/assets/i18n/CORE/ 15 KB
5 KB 9ms
9ms XHR
application/json 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/assets/i18n/CORE/de.json

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

022649b4ec9c2ba2d0ea50709aef3bfe81f866508dfdd90b84aebd3311417539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Correlation-ID: 8d19485a-2d82-4c80-9319-947241c3cb12
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:51 GMT
content-encoding: br
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:41 GMT
server: AmazonS3
etag: W/"b817a1e67a79f2b61757a103a9091754"
x-frame-options: SAMEORIGIN
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: UsPqD7FYhMDn9o5BrRhq68kuxTD0_SzoonynikamUJS5Zu0DQM-MGA==

GET
H/1.1 500
Internal Server Error laender Show response
www.swisspass.ch/public/api/benutzer/v2/ 117 B
644 B 56ms
29ms XHR
application/json 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swisspass.ch/public/api/benutzer/v2/laender

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

c344e8ffc149302893ac9fb05072f84e3546bda7d20ffc50a88799fcad3d013d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-Correlation-ID: 67867e72-3bc0-4a70-83e3-776ab9e4ad20
Referer: https://www.swisspass.ch/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 28 Feb 2024 15:04:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
Referrer-Policy: same-origin
Server: Apache
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
Content-Type: application/json
Transfer-Encoding: chunked
cache-control: no-cache, no-store, max-age=0, must-revalidate
Connection: close
x-xss-protection: 0
expires: 0

GET
H2 200 icomoon.7c32c31f10252b08.woff2
d27la2n6wh4qws.cloudfront.net/1.11.267/ 7 KB
7 KB 9ms
8ms Font
application/octet-stream 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/icomoon.7c32c31f10252b08.woff2?7m5yri

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/styles.2ca9cdaa64e425a6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

78a4a776506b173ae79fd021d0e9003c7d653ca204ea1d69bea4d553f92f787d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d27la2n6wh4qws.cloudfront.net/1.11.267/styles.2ca9cdaa64e425a6.css
Origin: https://www.swisspass.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:51 GMT
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6676
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: "76d0b40f597b59510e88eeec38c1add3"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: vpAE1i8Rb4OGOzrCs44a-iz5XyUZZZqTitnNJAG7odxDP1p4_vAQQg==

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f/ba92dbb5-02d7-443f-8481-b67e4427328b/de-ch.json

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ba0189bc4d6a3d77b4cb68e6d4af2fabb6ec28dd41d18d98fa19b79b6fc0e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 28 Feb 2024 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14916
content-md5: 58jvWx/Isb4+bUoXUFZDFg==
content-length: 13181
x-ms-lease-status: unlocked
last-modified: Tue, 13 Jun 2023 10:25:40 GMT
server: cloudflare
etag: 0x8DB6BF889B896B7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1b6dfb40-c01e-0042-1747-238003000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85c9901bce963669-FRA
expires: Thu, 29 Feb 2024 15:04:56 GMT

GET
H2 200 655.9bdc216e23630fd3.js Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/ 17 KB
3 KB 12ms
12ms Script
application/x-javascript 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/655.9bdc216e23630fd3.js

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/runtime.ae958c19ad719900.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7ac77e38d4b9c387f2b0a2838f542a279cb010bf8f708605270ccdc5f268d7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.swisspass.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:51 GMT
content-encoding: br
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:41 GMT
server: AmazonS3
etag: W/"3f676a61468d159166ac138937dcedcf"
x-frame-options: SAMEORIGIN
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: txxbQqUAidREHAUNt7teU9ygM_-zmG6juzt_vfnOKD2xtwjnw9j-KQ==

GET
H2 200 848.f7fe432d77ba729f.js Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/ 76 KB
8 KB 9ms
8ms Script
application/x-javascript 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/848.f7fe432d77ba729f.js

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/runtime.ae958c19ad719900.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5354bd00a9a39277e728af3bd76781b32fd6445ac64600c85daf27445a2a25a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.swisspass.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:51 GMT
content-encoding: br
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:41 GMT
server: AmazonS3
etag: W/"955a19c6291cb531de441bc3293370c0"
x-frame-options: SAMEORIGIN
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: mVNmn9liB9bvfa4a4tIk5GPmWULBuXg13yqiAoztlDZMSlehQRoUcg==

GET
H2 200 44.5d63accf5782f12e.js Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/ 29 KB
2 KB 10ms
10ms Script
application/x-javascript 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/44.5d63accf5782f12e.js

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/runtime.ae958c19ad719900.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3452f1c392c9f62eea3bb3651eb1a20fec95d1a93deaa0b6d426d7a28a797076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.swisspass.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:51 GMT
content-encoding: br
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:41 GMT
server: AmazonS3
etag: W/"2988fa3aaee8cef93485dde3e3cf9bbc"
x-frame-options: SAMEORIGIN
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: mKWy6ci23K2uC4tmcC228TQATbBsLYpbjSD-go4W2tK5PL6WTEEthA==

GET
H2 200 901.c3033fc3a7a2667b.js Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/ 44 KB
3 KB 9ms
9ms Script
application/x-javascript 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/901.c3033fc3a7a2667b.js

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/runtime.ae958c19ad719900.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

393d1a713918f44daf9186747928ca8b9db7e2df4efb47636183005538ec4daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.swisspass.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:57:51 GMT
content-encoding: br
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:41 GMT
server: AmazonS3
etag: W/"59282c521b2241bb7b6ade043f62abb8"
x-frame-options: SAMEORIGIN
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: r6NjBCbrf6qJSXFe73_ojjmteEmVpUeeaFjN4l_ofEd93MVZC7bLbg==

GET
H2 200 logo_mobile.svg
d27la2n6wh4qws.cloudfront.net/1.11.267/assets/resources/img/ 8 KB
4 KB 12ms
11ms Image
image/svg+xml 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/assets/resources/img/logo_mobile.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32b83cf286ae208689cf5d7695135cb8c9b57626c1fd35797b4d44d9740fd61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:49:08 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 98149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:43 GMT
server: AmazonS3
etag: W/"006467bf223dbeb73f9206aadbc71a74"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: _iqtDuR6fWUteK9M9zhbR3JdZZmj27pD-9VDb8jMdjbg-8Z3WG9E9g==

GET
H2 200 logo.svg
d27la2n6wh4qws.cloudfront.net/1.11.267/assets/resources/img/ 7 KB
3 KB 13ms
13ms Image
image/svg+xml 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/assets/resources/img/logo.svg?v=190221144011

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:49:08 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 98149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:43 GMT
server: AmazonS3
etag: W/"795242580bfa3135028bd0750fdc1654"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: EflPKX-rIo0FkDni-cwf7GS750GHzMORIuVEpt_P22Si7H5DF8NL4A==

GET
H2 200 logo_mobile.svg
d27la2n6wh4qws.cloudfront.net/1.11.267/assets/resources/img/ 8 KB
4 KB 10ms
10ms Image
image/svg+xml 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/assets/resources/img/logo_mobile.svg?v=190221144011

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32b83cf286ae208689cf5d7695135cb8c9b57626c1fd35797b4d44d9740fd61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:49:08 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 98149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:43 GMT
server: AmazonS3
etag: W/"006467bf223dbeb73f9206aadbc71a74"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: jysBX5dXz_51Dip90cffyAkEWzS0Xx_7PKKdH8mJOZlayMewjmP73Q==

GET
H2 200 logo.svg
d27la2n6wh4qws.cloudfront.net/1.11.267/assets/resources/img/ 7 KB
3 KB 12ms
12ms Image
image/svg+xml 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/assets/resources/img/logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:49:08 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 98149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:43 GMT
server: AmazonS3
etag: W/"795242580bfa3135028bd0750fdc1654"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: TVdEjg5FTAfuU20JGMW8LoMqYrizVT46OGJUm0qL5kK6gDT4TKCiKw==

GET
H/1.1 403
Forbidden authenemail Show response
www.swisspass.ch/public/api/benutzer/v2/accounts/ 0
501 B 38ms
38ms XHR
text/plain 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swisspass.ch/public/api/benutzer/v2/accounts/authenemail

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-Correlation-ID: e4f58c4a-c3ca-4da2-b0d7-e19bb779b566
Referer: https://www.swisspass.ch/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 28 Feb 2024 15:04:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
Referrer-Policy: same-origin
Server: Apache
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
Content-Length: 0
x-xss-protection: 0
expires: 0

GET
H/1.1 403
Forbidden abonnements Show response
www.swisspass.ch/public/api/leistungen/v7/ 0
515 B 43ms
42ms XHR
text/plain 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swisspass.ch/public/api/leistungen/v7/abonnements?scope=GUELTIG

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-Correlation-ID: 72b79871-b3a8-4af2-a9a8-b4b18f136ced
Referer: https://www.swisspass.ch/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 28 Feb 2024 15:04:57 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
Referrer-Policy: same-origin
Server: Apache
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
cache-control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=499
x-xss-protection: 0
expires: 0

GET
H/1.1 403
Forbidden authenemail Show response
www.swisspass.ch/public/api/benutzer/v2/accounts/ 0
501 B 32ms
32ms XHR
text/plain 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swisspass.ch/public/api/benutzer/v2/accounts/authenemail

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-Correlation-ID: 261045e9-e62d-4591-bcf3-c86574c32a55
Referer: https://www.swisspass.ch/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 28 Feb 2024 15:04:58 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
Referrer-Policy: same-origin
Server: Apache
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
Content-Length: 0
x-xss-protection: 0
expires: 0

GET
H/1.1 403
Forbidden authenemail Show response
www.swisspass.ch/public/api/benutzer/v2/accounts/ 0
501 B 33ms
32ms XHR
text/plain 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swisspass.ch/public/api/benutzer/v2/accounts/authenemail

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
X-Correlation-ID: 5118039b-24b3-4bc7-8aa0-f95b76a3cdab
Referer: https://www.swisspass.ch/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 28 Feb 2024 15:04:59 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
Referrer-Policy: same-origin
Server: Apache
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=497
Content-Length: 0
x-xss-protection: 0
expires: 0

OPTIONS
H2 200 de.json
d27la2n6wh4qws.cloudfront.net/1.11.267/assets/i18n/WELCOME/ 0
0 25ms
25ms Preflight 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/assets/i18n/WELCOME/de.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlation-id
Access-Control-Request-Method: GET
Origin: https://www.swisspass.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: x-correlation-id
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
access-control-allow-origin: *
access-control-max-age: 3000
content-length: 0
date: Wed, 28 Feb 2024 15:05:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-id: j5haQyZL7vYUwo8QKHB9x-duHr-df0yR0tFT1G3RESRZ72EMJIlw1Q==
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK welcome Show response
www.swisspass.ch/public/api/plus/v2/ 2 KB
3 KB 35ms
35ms XHR
application/json 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swisspass.ch/public/api/plus/v2/welcome

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

c99b55f0715d5e15eb9361b1f8fefdb00ac26f8c71000a276499b30871587ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
X-Correlation-ID: 16dec5b9-a808-44cb-8afa-89432fb2753a
Referer: https://www.swisspass.ch/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 28 Feb 2024 15:05:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
Referrer-Policy: same-origin
Server: Apache
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
Content-Type: application/json
Transfer-Encoding: chunked
cache-control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=496
x-xss-protection: 0
expires: 0

GET
H2 200 de.json Show response
d27la2n6wh4qws.cloudfront.net/1.11.267/assets/i18n/WELCOME/ 3 KB
2 KB 10ms
10ms XHR
application/json 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/assets/i18n/WELCOME/de.json

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

52484ca4c19c278ba2129f5f6ab4d04aeb1f4667e6b71bb04d7e82736c96d39c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Correlation-ID: ba44c101-d80f-4518-9c10-cb468efe82ec
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:58:00 GMT
content-encoding: br
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:42 GMT
server: AmazonS3
etag: W/"7ac50530ae91ff34194e9a3fa6a2c5ee"
x-frame-options: SAMEORIGIN
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: hN3tgb3sH5o2Rr2zKSg7TyW824WEuszWAgFocW34TCKB_VrZS1-K2A==

GET
H/1.1 200
OK home Show response
www.swisspass.ch/public/api/plus/v2/ 3 KB
3 KB 69ms
34ms XHR
application/json 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swisspass.ch/public/api/plus/v2/home

Requested by

Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.267/polyfills.97b001917a103cc1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

29d813dce7590409810f619a95edd6a1595e17fb2f663e0aad905caa325074da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
X-Correlation-ID: 46f8e948-83cf-43b5-85f1-b66c0075aeef
Referer: https://www.swisspass.ch/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 28 Feb 2024 15:05:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
Referrer-Policy: same-origin
Server: Apache
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
Content-Type: application/json
Transfer-Encoding: chunked
cache-control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=495
x-xss-protection: 0
expires: 0

GET
H2 200 passengerrights.f1dfb98ff5ad4641.svg
d27la2n6wh4qws.cloudfront.net/1.11.267/ 4 KB
2 KB 8ms
8ms Image
image/svg+xml 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/passengerrights.f1dfb98ff5ad4641.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

094968f0c3f98f2d47d62f20fc3f04af88b65748348b27ad326a6753f3bd022f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.swisspass.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:58:00 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: W/"f5f813afaf91e27fd2376abebbcd9c0d"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: cglyJUwPSLKf84TbN4GNSYtsjWZ_r-ZRpmgKSKc8JSscfMciX891Nw==

GET
H2 200 handicap.a1a101bb5383faaa.svg
d27la2n6wh4qws.cloudfront.net/1.11.267/ 3 KB
2 KB 9ms
9ms Image
image/svg+xml 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/handicap.a1a101bb5383faaa.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

150b4dc10e1e9cdf840ff348dcac40f942d03c16f30c79c532dd8f37a9462e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.swisspass.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:58:00 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: W/"d5301dcdbf174418634725408e9e7a4b"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: 9RTfQ0oraOLzFtCq1xbufvb3I08hLWR4bZ6h3XaNHi6bS75s5sYCig==

GET
H/1.1 200
OK 1705551551697.png
resources.swisspass.ch/content/dam/swisspass/bilder/SwissPass_info_welcome/Wettbewerb_560x380.jpg.swisspass-transform.png/ 223 KB
224 KB 127ms
45ms Image
image/png 193.203.121.145
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.swisspass.ch/content/dam/swisspass/bilder/SwissPass_info_welcome/Wettbewerb_560x380.jpg.swisspass-transform.png/1705551551697.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.145 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

a24ab9ab878d12ba7d93db017d7811292c993fb9bcb4527d2a4c9c6077edb7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 15:05:00 GMT
Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
X-Cache: HIT
x-url: /content/dam/swisspass/bilder/SwissPass_info_welcome/Wettbewerb_560x380.jpg.swisspass-transform.png/1705551551697.png
Connection: Keep-Alive
Content-Length: 228852
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Wed, 28 Feb 2024 14:01:49 GMT
Server: Apache
ETag: "37df4-6127195860c2f"
Vary: User-Agent,X-Requested-With
X-Frame-Options: SAMEORIGIN
X-Varnish: 528152 660744
Content-Type: image/png
X-Plattform: cprod
Cache-Control: max-age=21600
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Expires: Wed, 28 Feb 2024 21:04:42 GMT

GET
H/1.1 200
OK 1619069466919.png
resources.swisspass.ch/content/dam/swisspass/bilder/SwissPass_info_welcome/SBB-Schiff-Couple.jpg.swisspass-transform.png/ 198 KB
199 KB 96ms
28ms Image
image/png 193.203.121.145
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.swisspass.ch/content/dam/swisspass/bilder/SwissPass_info_welcome/SBB-Schiff-Couple.jpg.swisspass-transform.png/1619069466919.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.145 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

e3c052cd44c0c6f417f90ea65e59111215e8bdff946eeea4eb8095cd13b24b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 15:05:00 GMT
Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
X-Cache: HIT
x-url: /content/dam/swisspass/bilder/SwissPass_info_welcome/SBB-Schiff-Couple.jpg.swisspass-transform.png/1619069466919.png
Connection: Keep-Alive
Content-Length: 202627
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Wed, 28 Feb 2024 10:28:32 GMT
Server: Apache
ETag: "31783-6126e9abd34c7"
Vary: User-Agent,X-Requested-With
X-Frame-Options: SAMEORIGIN
X-Varnish: 30813312 4764512
Content-Type: image/png
X-Plattform: cprod
Cache-Control: max-age=21600
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Expires: Wed, 28 Feb 2024 21:03:46 GMT

GET
H/1.1 200
OK welcome.jpg
www.swisspass.ch//content/dam/swisspass/bilder/home/ 589 KB
590 KB 43ms
42ms Image
image/jpeg 193.203.121.166
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.swisspass.ch//content/dam/swisspass/bilder/home/welcome.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.166 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

73759643698fc9c05304fb0efc98c68b97350d0be9641c5910e1523f9827f29c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.swisspass.ch/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 15:05:00 GMT
Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
X-Cache: HIT
x-url: /content/dam/swisspass/bilder/home/welcome.jpg
Connection: Keep-Alive
Content-Length: 603024
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Wed, 28 Feb 2024 12:15:34 GMT
Server: Apache
ETag: "93390-612701984d97c"
Vary: User-Agent,X-Requested-With
X-Frame-Options: SAMEORIGIN
X-Varnish: 73375442 73375274
Content-Type: image/jpeg
X-Plattform: cprod
Cache-Control: max-age=21600
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=494
Expires: Wed, 28 Feb 2024 21:04:37 GMT

GET
H2 200 calendar.5793a37ad7808724.svg
d27la2n6wh4qws.cloudfront.net/1.11.267/ 641 B
1 KB 10ms
10ms Image
image/svg+xml 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/calendar.5793a37ad7808724.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

145bc60830b250a68baa7d2ca3fe9621354e57aab057a03f51e8097f9ab73478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.swisspass.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:58:00 GMT
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 641
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: "bd1a9fde4745881ba5f96351e9f59db4"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7WR23y_s9MaUBnOz8TIJ61cmXoRQ43WYpc0OZEZaqusnPUPCiNUzYQ==

GET
H2 200 gear.8567e84d3e6952cc.svg
d27la2n6wh4qws.cloudfront.net/1.11.267/ 3 KB
1 KB 8ms
8ms Image
image/svg+xml 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/gear.8567e84d3e6952cc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

56e9595e6676f50ce6df54d8fd7fcae1c9881635b537ce7361133108c6096ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.swisspass.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:58:00 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: W/"b57deb7050b9d196e46c234d647cf7f9"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: aQdm4NifmLpq1ikcOjh4heECvrVDtHj3WFwmi5f3PAQ7G6pxiBjt9Q==

GET
H2 200 keys.518af5b7454add64.svg
d27la2n6wh4qws.cloudfront.net/1.11.267/ 1 KB
1 KB 11ms
11ms Image
image/svg+xml 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/keys.518af5b7454add64.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ceeacdbce03b9656bb76b09114428e909ba7f131b0cc472ab873c51335e6fa89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.swisspass.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:58:00 GMT
content-encoding: br
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: W/"7330899053e027573fc8aee58eaf73c2"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: tW_9dn0XdxRXJ-rmWCkjyjbYrJ-butoTaLtViNaMKe3PCchOWuYYvw==

GET
H2 200 discount.1f43fbae190bebdd.svg
d27la2n6wh4qws.cloudfront.net/1.11.267/ 394 B
918 B 9ms
9ms Image
image/svg+xml 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/discount.1f43fbae190bebdd.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3586be31357a768106bbebd7312a6990885f82a4d8e239203e52c224c5e6085e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.swisspass.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:58:00 GMT
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 394
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:45 GMT
server: AmazonS3
etag: "903bd2907342e3adbf40e866e7fee299"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: H-KBDSWQ_lQNlC9QTpG0ocRzip4xqqzzfA2avULsXWh1tEnDgbP1ZQ==

GET
H2 200 paar-laptop.jpg
d27la2n6wh4qws.cloudfront.net/1.11.267/assets/resources/img/ 111 KB
112 KB 8ms
8ms Image
image/jpeg 2600:9000:2250:cc00:8:ddec:8f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d27la2n6wh4qws.cloudfront.net/1.11.267/assets/resources/img/paar-laptop.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:cc00:8:ddec:8f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

45f6f9fa84da7d653b5d0784a5e17ef281875acd821cb1e3d7c050c45e2a93d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:58:00 GMT
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 97621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 114051
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Feb 2024 11:26:44 GMT
server: AmazonS3
etag: "f5a49c6a71dda77e754423b47a221ecc"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: lbyztDw6B7Weqh8ighgT6thzwgdvZinljBn_DEGS5k_S3QY28nFjZw==

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.swisspass.ch/oevprod-login	1969-12-31 23:59:59	Name: JSESSIONID Value: $xc/JXULKB12W6Csq0kvMsA5N9Wd4wcm_QkU6!HRaCZVg2rrI_4cxdhuoeVVYQvWJn0!J3mHLw==
.swisspass.ch/	1969-12-31 23:59:59	Name: AL_SESS-S Value: Abtb0XfamOoxCkDZB01x9tjTLzXEJIii0GanKcdRyZKMmyKQY_a!7kzgd9wINsElY0Lo
.swisspass.ch/	1970-01-21 03:31:08	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Feb+28+2024+16%3A04%3A56+GMT%2B0100+(Central+European+Standard+Time)&version=202305.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=cd7076b5-595b-4aa3-a9f7-792e21ec6dac&interactionCount=0&landingPath=https%3A%2F%2Fwww.swisspass.ch%2Fhome&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
network	error	URL: https://www.swisspass.ch/public/api/benutzer/v2/accounts/authenemail Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.swisspass.ch/public/api/benutzer/v2/laender Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://www.swisspass.ch/public/api/benutzer/v2/accounts/authenemail Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.swisspass.ch/public/api/leistungen/v7/abonnements?scope=GUELTIG Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.swisspass.ch/public/api/benutzer/v2/accounts/authenemail Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.swisspass.ch/public/api/benutzer/v2/accounts/authenemail Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.cookielaw.org
d27la2n6wh4qws.cloudfront.net
geolocation.onetrust.com
login.swisspass.ch
resources.swisspass.ch
www.eazylocks.com
www.swisspass.ch
www.tekirdagguncelhaber.net
132.148.76.65
193.203.121.145
193.203.121.166
2600:9000:2250:cc00:8:ddec:8f00:21
2606:4700:3036::ac43:d227
2606:4700:4400::6812:2089
2606:4700::6812:82ec
2a02:26f0:7100:786::1e80
022649b4ec9c2ba2d0ea50709aef3bfe81f866508dfdd90b84aebd3311417539
02f745b554b331621578d2b974856b1276d2d6b8217dcd4522606bd739538c03
041c927adc5ad4c19f6287f350460fe74ffab492aca553602dafc1b378b4941c
094968f0c3f98f2d47d62f20fc3f04af88b65748348b27ad326a6753f3bd022f
0b273b1769d76f3fde8aa98d5dd7305f26a18653f6c89736e708af2473140e38
145bc60830b250a68baa7d2ca3fe9621354e57aab057a03f51e8097f9ab73478
150b4dc10e1e9cdf840ff348dcac40f942d03c16f30c79c532dd8f37a9462e2c
29d813dce7590409810f619a95edd6a1595e17fb2f663e0aad905caa325074da
32b83cf286ae208689cf5d7695135cb8c9b57626c1fd35797b4d44d9740fd61a
3452f1c392c9f62eea3bb3651eb1a20fec95d1a93deaa0b6d426d7a28a797076
3586be31357a768106bbebd7312a6990885f82a4d8e239203e52c224c5e6085e
393d1a713918f44daf9186747928ca8b9db7e2df4efb47636183005538ec4daf
3a137c40043f518e1861a1dd818d23911020328bb107ad4a971bdb7203111b8a
45f6f9fa84da7d653b5d0784a5e17ef281875acd821cb1e3d7c050c45e2a93d9
4a3d4cf982535aaf485c6e3af9ad1498df5c065adf94eed056f0aa13c31e92ed
52484ca4c19c278ba2129f5f6ab4d04aeb1f4667e6b71bb04d7e82736c96d39c
5354bd00a9a39277e728af3bd76781b32fd6445ac64600c85daf27445a2a25a2
56e9595e6676f50ce6df54d8fd7fcae1c9881635b537ce7361133108c6096ee0
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
73759643698fc9c05304fb0efc98c68b97350d0be9641c5910e1523f9827f29c
78a4a776506b173ae79fd021d0e9003c7d653ca204ea1d69bea4d553f92f787d
7ac77e38d4b9c387f2b0a2838f542a279cb010bf8f708605270ccdc5f268d7da
7ba0189bc4d6a3d77b4cb68e6d4af2fabb6ec28dd41d18d98fa19b79b6fc0e31
827f57b69d5c20311780ef5c23fc1ab8437b398b5e052767735177ec842ef338
a24ab9ab878d12ba7d93db017d7811292c993fb9bcb4527d2a4c9c6077edb7e1
a40640a46c63c64c8cfbcbb34b30957c7b4f867ae056fe63181d463cac3a7336
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
be95ab7dd6fb6e0fd0427e1d7dc9fd3814a95df023af7b971e8d84406aec6e98
c344e8ffc149302893ac9fb05072f84e3546bda7d20ffc50a88799fcad3d013d
c91ce6e4f0098d81c86b6465ccadd0b519f07b3f6afd4a2f313752055be9cde4
c99b55f0715d5e15eb9361b1f8fefdb00ac26f8c71000a276499b30871587ae8
ceeacdbce03b9656bb76b09114428e909ba7f131b0cc472ab873c51335e6fa89
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c052cd44c0c6f417f90ea65e59111215e8bdff946eeea4eb8095cd13b24b49
ed18db3600e1fb6056a4244321df84eb8fc8a38bdb0c8100342aee0111400eeb
ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594
f053f049a78c3afbce0d34f57d0bea4a24f7964d0e1e45197a35c06124b5e357
f27e84a63692531be7a580b0e3421cba2c44c7dafcc121d6a0943b6a6c9ddf72
f77ae1baaf91b6f567d508f9767a482ca3b83926d8b4e4111eddd9281d458d8b
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fe70e3a40775c77c481cdf267601a438d26104db232027597d78c93e18d621ff

www.swisspass.ch Open in urlscan Pro 193.203.121.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

63 %IPv6

7 Domains

9 Subdomains

7 IPs

3 Countries

2098 kBTransfer

4853 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.swisspass.ch Open in urlscan Pro
193.203.121.166 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

2098 kB
Transfer

4853 kB
Size

3
Cookies

55 HTTP transactions
0 data transactions