Submitted URL: https://booking.frame.ch/
Effective URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Submission: On October 17 via automatic, source certstream-suspicious — Scanned from CH

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 42 HTTP transactions. The main IP is 82.220.91.195, located in Zurich, Switzerland and belongs to SOLNET, CH. The main domain is booking.frame.ch.
TLS certificate: Issued by R11 on October 17th 2024. Valid for: 3 months.
This is the only time booking.frame.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 10 82.220.91.195 9044 (SOLNET)
33 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.195 15169 (GOOGLE)
42 4
Apex Domain
Subdomains
Transfer
33 i2k.ch
office35.i2k.ch
664 KB
10 frame.ch
booking.frame.ch
120 KB
1 gstatic.com
fonts.gstatic.com
47 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
42 4
Domain Requested by
33 office35.i2k.ch booking.frame.ch
office35.i2k.ch
10 booking.frame.ch 3 redirects booking.frame.ch
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com booking.frame.ch
42 4

This site contains no links.

Subject Issuer Validity Valid
booking.frame.ch
R11
2024-10-17 -
2025-01-15
3 months crt.sh
i2k.ch
WE1
2024-09-09 -
2024-12-08
3 months crt.sh
upload.video.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.gstatic.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh

This page contains 1 frames:

Primary Page: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Frame ID: 056F0987EF3739116F7CDC0A67BB5AA5
Requests: 42 HTTP requests in this frame

Screenshot

Page Title

Cortec ERP

Page URL History Show full URLs

  1. https://booking.frame.ch/ HTTP 302
    https://booking.frame.ch/boot/index.asp HTTP 302
    https://booking.frame.ch/boot/home.asp HTTP 302
    https://booking.frame.ch/boot/Login/Login.asp?isApp= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

42
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

833 kB
Transfer

2014 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://booking.frame.ch/ HTTP 302
    https://booking.frame.ch/boot/index.asp HTTP 302
    https://booking.frame.ch/boot/home.asp HTTP 302
    https://booking.frame.ch/boot/Login/Login.asp?isApp= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Login.asp
booking.frame.ch/boot/Login/
Redirect Chain
  • https://booking.frame.ch/
  • https://booking.frame.ch/boot/index.asp
  • https://booking.frame.ch/boot/home.asp
  • https://booking.frame.ch/boot/Login/Login.asp?isApp=
22 KB
23 KB
Document
General
Full URL
https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.220.91.195 Zurich, Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
Microsoft-IIS/10.0 / cortec AG
Resource Hash
a15ff839ba42b00a98bfbf027bdab1a9e2283c4db2f4c8c034c7a3f124bffe0b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
*
cache-control
no-cache, must-revalidate,private
content-length
22929
content-type
text/html; Charset=utf-8
date
Thu, 17 Oct 2024 08:01:02 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT,Thu, 17 Oct 2024 08:00:02 GMT
last-modified
17.10.2024 10:01:02 GMT
pragma
no-cache
server
Microsoft-IIS/10.0
x-powered-by
cortec AG

Redirect headers

access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
*
cache-control
private
content-length
156
content-type
text/html
date
Thu, 17 Oct 2024 08:01:02 GMT
location
Login/Login.asp?isApp=
server
Microsoft-IIS/10.0
x-powered-by
cortec AG
bootstrap.min.css
office35.i2k.ch/SA/css/
116 KB
21 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/bootstrap.min.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc659edbe8d4a07baf92a994a328ed4c1440b1585cd5ec5bbe31d08ec4e35d8b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
HIT
etag
W/"75f26a3b8a2db1:0"
Age
1786
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7fSx345SJ7tjyw%2B7QDZIRRkYluJbVuq99JXM0YsQdWAH7kZYHP2JjdSq1gzjUarsI4rIyRMT37s06AqqpN2D0r%2FpFQw0qwk4ZfOKeV9M%2FNzn%2B5l14H8wuXWumxOncmjhIsLXbnqMKV93swN%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22e8afa9f2f-FRA
access-control-allow-origin
*
Server
cloudflare
all.min.css
office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/css/
170 KB
32 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/css/all.min.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32fa81861a662f8f03701e2ee4048fc99ed0e43c8ffb5e5953ef01433fded659

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
HIT
etag
W/"16d84f3c8a2db1:0"
Age
1518
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHRnJ0mmSB4JIsql4Z303vA%2B6A%2BASAz8PjD5fZhNmsVFxne%2B5AVb4iEIw2vRyea3fEUJklRDkmugS3R0o72aUgWd5FIcHrC9eMfdXF3aM8P4WhETfmbaW2LHiVvi%2BtmCBcWWnmZdViPgTAUMyg%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:07 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22e8fa21e4c-FRA
access-control-allow-origin
*
Server
cloudflare
v4-shims.min.css
office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/css/v4-shims.min.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d91bb47a97381eb3515abcd248d631bcdc35cb0d99dcd5d29fc8781f4ad9ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
HIT
etag
W/"7a3a523c8a2db1:0"
Age
1785
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tgS4pe3xxITZ4BoxEIKDMelAm2nlZ%2BvrUakZGjmuIC5ZDRfehHHzUBRabUeaBxF9DgwxNQuVq%2BKRr%2BpfQOp%2B715nySeQBStbl97BNdUym7ONiakwUtzAJFmvEdLyxDy32cMuK7ez0xKihH3v1g%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:07 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22ef80991ed-FRA
access-control-allow-origin
*
Server
cloudflare
font-awesome-animation.min.css
office35.i2k.ch/SA/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/font-awesome-animation.min.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10fa38d6f20bb78b9ddcb57530310c8d12fea3c87162709edf2a2b1a8b91b737

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
REVALIDATED
etag
W/"75f26a3b8a2db1:0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l6pz54x%2B3%2B%2B1hdpmIH3DNCbVUzPCtJNKeaP6g%2FTDssZs%2FEXE6rgRYh5ieyZM5LOHuENZpPqYbJDhCSyIVXmSizt4De0ba%2BrRnvKOolsZ5l6aik5KHOffO8xLFfFGEn6s0ifY0cLVF9bRfIYpZA%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22ef8f4db06-FRA
access-control-allow-origin
*
Server
cloudflare
smartadmin-production-plugins.min.css
office35.i2k.ch/SA/css/
155 KB
31 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/smartadmin-production-plugins.min.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6d313a12088127a8461e5e994533f3158bd9c219973f729dfbdf65ad8884e03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
REVALIDATED
etag
W/"75f26a3b8a2db1:0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yoGYYQ6tmOVh%2Bwx0%2BScZjjzTAXmM85mSvJ3D51e46oT8dM4G%2F2sF8do2eXRx%2FPBSEq2b%2Faq0UjpkucK5f0ZbaNrBdFU4RHZ2m3HlHjov9%2FRLca6cdMsA8Qr0add9HbgLVKelkYE6ubeUDZBnRA%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22f0b32917a-FRA
access-control-allow-origin
*
Server
cloudflare
smartadmin-production.min.css
office35.i2k.ch/SA/css/
275 KB
47 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/smartadmin-production.min.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f6c2919e55108b38005163a8dc3148de28953b6589dcb2e9f65d4693e81fac3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
HIT
etag
W/"75f26a3b8a2db1:0"
Age
1786
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bU7QGKYMvGUIsgy2aEQHlhRj3I3y63bcA4GvLKvNlmmOVMisI1xr9ZRtJhcdCXoSb%2FfpDelPsTTWVdILLYOX8AxKfAZODrfRr%2B60P2c5hASknFFa9GUX9Xuk2ruYFDTSiDJGAtwtZ8Q1VUupvA%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22f0b9b9f2f-FRA
access-control-allow-origin
*
Server
cloudflare
smartadmin-skins.min.css
office35.i2k.ch/SA/css/
61 KB
10 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/smartadmin-skins.min.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9928045704227a08ee665b3186f0f71024c55d130a92087065faab49b5697190

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
HIT
etag
W/"75f26a3b8a2db1:0"
Age
1786
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0y1fP%2F%2Bk0AoMzxlgeb174Z46%2FLLLAuWqUVBmdWcmFU%2F1cHrxg5SzetL1HVqQSWmUOMprTGXwqBntQaTKCl9ekD96ZdqXG%2FAZBRxVQWMfX1ReUUggQigVbTN2UW9OeYizj8nzlRBEj5MkLl%2B1RA%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22f48581e4c-FRA
access-control-allow-origin
*
Server
cloudflare
smartadmin-rtl.min.css
office35.i2k.ch/SA/css/
43 KB
8 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/smartadmin-rtl.min.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a5b18e402d360c8db7b8d6062c92e5245ac35082a5019e4a045b9841232f64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
HIT
etag
W/"75f26a3b8a2db1:0"
Age
1784
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qdNQz12u3aoyVwwvAGe7aU13awnjGwRchPefb7WQp4u4EXMR%2Bnj6dFe97GaV51eGWIk%2B2hjVeCov5G0ILyumJdgUivjw37WTsWKCGgV1kU%2BjFF7dQa1HS2MVVgRTLMgi%2Bl09kNmHnPyWf1GYbw%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22f98e291ed-FRA
access-control-allow-origin
*
Server
cloudflare
css
fonts.googleapis.com/
28 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,300,400,700
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fffdc576b06191be86de1a2e47f9c746ad4eba516fa121d8734bb896df541988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 08:01:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 08:01:04 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 17 Oct 2024 06:58:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
pwdRevealer.css
office35.i2k.ch/SA/prop/js/pwdRevealer/
239 B
1 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/prop/js/pwdRevealer/pwdRevealer.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40400e2c03d28b3e9e06d1e95158794f36ec7aadc0360e39ee7d21dad094c72e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"1c8abf4e8a2db1:0"
Age
1785
CF-Cache-Status
HIT
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1HPcwPQYnZp0TpPG1nmgyOSjfeoudBwRkv7A2DuLOr2PplI8dPNeIKdOVyvf65YQLu3szMJ5XEiYuL2PGKswRYoW1sgUEnIwzw2EBiFkFPfRNuWwkEGg3f65Sax%2FqGF2fsZYSOEhR0aDtfD41Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=347
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:38 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22e8f5d91ed-FRA
access-control-allow-origin
*
Server
cloudflare
custom.css
office35.i2k.ch/SA/css/
118 KB
17 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/custom.css?v=2
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4922b40702ff9fcd5b89e00eedab9236a60a0fa78b45aa261a787ef34cc062

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
REVALIDATED
etag
W/"75f26a3b8a2db1:0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AqlJ0VWifiNfr2YUQ6zrh02eCqB92%2FtsennKDnzdtfhjZoKr62V%2BYLrzchbXOOXshY1tS2kyYYVE4rqitmO8xf53225QCt4jqyx2lz5eUcrodbQopmdcZdl3QaUdVL7UAltnzKsDCyzRLwerjw%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22e8c35dbe2-FRA
access-control-allow-origin
*
Server
cloudflare
custom_fa_fix.css
office35.i2k.ch/SA/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/custom_fa_fix.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
743f6e14c1c9cd34dbb87c3d2c4f147786ffc5004c3efdcf3b5eb8d016cf11f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"75f26a3b8a2db1:0"
Age
1783
CF-Cache-Status
HIT
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ijUQDdJpX%2Bq5xyqBaVSefgZ87d6DnDTrNmk3n60XB3xNn%2BbZaBJ5U%2BcdWYi7ZVX9Gx39aOykQltPiEK81W6pVdW25CMeWy2SrbttLJdptKk1DOuFlMB3Za%2FzNBQ1EHQDPAGEZzvS6OmYGAZ2w%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=2394
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22e8ff1db06-FRA
access-control-allow-origin
*
Server
cloudflare
darktheme.css
office35.i2k.ch/SA/css/Darktheme/
17 KB
4 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/Darktheme/darktheme.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece7c0817077357373e4a52d6211191c3cd6a28b137151471f7c6149b19de1ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"75f26a3b8a2db1:0"
Age
1785
CF-Cache-Status
HIT
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3TZbIVvH3IM%2FTXqdT5MBjX5%2BteI2P5KEFGE%2BX25YB%2B9aZbWXFinQdnxQboEU8Gp5H88hbCAh5huOVOz4154f0htgGma58uSSU5Jh95uOirCKBo8BTVVhkFzYMdu5HkJ2S2z7rHCmSXudwAH0Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=41229
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22e8a9f917a-FRA
access-control-allow-origin
*
Server
cloudflare
pwdRevealer.css
booking.frame.ch/SA/prop/js/pwdRevealer/
347 B
439 B
Stylesheet
General
Full URL
https://booking.frame.ch/SA/prop/js/pwdRevealer/pwdRevealer.css
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.220.91.195 Zurich, Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
Microsoft-IIS/10.0 / cortec AG
Resource Hash
67e9dbc8eea0ec45767ed0d825e0c2da8317c14b4c9074ceee290e309ff0d3ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/boot/Login/Login.asp?isApp=

Response headers

x-powered-by
cortec AG
etag
"1c8abf4e8a2db1:0"
accept-ranges
bytes
access-control-allow-origin
*
content-length
347
date
Thu, 17 Oct 2024 08:01:02 GMT
content-type
text/css
last-modified
Mon, 09 Sep 2024 07:31:38 GMT
server
Microsoft-IIS/10.0
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cortec_logo_transparent_weiss.gif
booking.frame.ch/boot/Login/
5 KB
5 KB
Image
General
Full URL
https://booking.frame.ch/boot/Login/cortec_logo_transparent_weiss.gif
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.220.91.195 Zurich, Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
Microsoft-IIS/10.0 / cortec AG
Resource Hash
5db8d1879f01149caa4d2f8cff707836e4f45493e0b15b28174ac9a11b0527a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/boot/Login/Login.asp?isApp=

Response headers

x-powered-by
cortec AG
etag
"9483882882db1:0"
accept-ranges
bytes
access-control-allow-origin
*
content-length
5202
date
Thu, 17 Oct 2024 08:01:02 GMT
content-type
image/gif
last-modified
Mon, 09 Sep 2024 07:18:45 GMT
server
Microsoft-IIS/10.0
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
jquery-3.2.1.min.js
office35.i2k.ch/SA/js/libs/
86 KB
32 KB
Script
General
Full URL
https://office35.i2k.ch/SA/js/libs/jquery-3.2.1.min.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df07274b80d7f1b6eacc355d2b74684da15b5c7585f32e25ea2095834965f41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
REVALIDATED
etag
W/"73b5ad3b8a2db1:0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOr3To8rA87FCXtALBjsUw9e%2F2kesVevHVa4fsxdgCDrHFa9gzSLppEje3ugOo41z%2Fu5GcyLuqpP%2BvAq3VZdDs4FPAtEgTGrJWkbxTF385pUvM3FQBcFIBQwSqcNTFdfX%2FBfX0qP0yy6z0z0DA%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:03 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22f9ffedbe2-FRA
access-control-allow-origin
*
Server
cloudflare
jquery-ui.min.js
office35.i2k.ch/SA/js/libs/
248 KB
69 KB
Script
General
Full URL
https://office35.i2k.ch/SA/js/libs/jquery-ui.min.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
REVALIDATED
etag
W/"73b5ad3b8a2db1:0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OwsfkVDpS2QckgY3dBti8BuJ%2BvaMaBj1uf5Lkn24YdyUKyuz84nErCPnFUzyW4OVG1TGYdbbb5IwZE1nvQXdKLM%2FikEv0jojInDbhBRD8h9Iesa4nxn28Pf%2BTe9hTiNhKhp27yZhbmttuqYzIw%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec22faaa0db06-FRA
access-control-allow-origin
*
Server
cloudflare
app.config.js
office35.i2k.ch/SA/js/
6 KB
3 KB
Script
General
Full URL
https://office35.i2k.ch/SA/js/app.config.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d09b8920928a495c5e85af2497db5f79f0fb83e9ae48a777d3db7071fd3093ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"f867803b8a2db1:0"
CF-Cache-Status
REVALIDATED
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZ5UlH91oSmh4Do%2FHgDziOPDuJh15zrRhxm0K7FUDzF32IF%2B8TGUP0Ty%2B%2Br0oGE1qfphJ3JxCh5HqKz%2B%2ByHU4fU8iACwOukSXG1vL5k24r14xmXZAPrNXeJOU80yZyaYAb0mATwMHtZGAox1Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=13795
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec230adcddb06-FRA
access-control-allow-origin
*
Server
cloudflare
app.min.js
office35.i2k.ch/SA/js/
25 KB
9 KB
Script
General
Full URL
https://office35.i2k.ch/SA/js/app.min.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
233ee05f101c7fb0764f48ceff1fc5be5e01aa3b697d905c4191fb8f84c4e6a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
REVALIDATED
etag
W/"f867803b8a2db1:0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8UCtnMpbuj%2BH%2BUsr1kof5fPYeRZui1gltJdpkfg2tsgF%2FRD2JJB02%2BX%2FK6RNiY9w5%2BwLJl%2Bsklsf5oYPY1F%2BWwR45kudEl9BXroBqtlPZ93mTXztyAm81UajEIyo2sx1r5mzPUBdm%2F9KNquPyA%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec230ab8cdbe2-FRA
access-control-allow-origin
*
Server
cloudflare
bootstrap.min.js
office35.i2k.ch/SA/js/bootstrap/
36 KB
11 KB
Script
General
Full URL
https://office35.i2k.ch/SA/js/bootstrap/bootstrap.min.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9dabcb89968fd8e53ea9ad9edac30f8b7c24e876a0e797f38b2e6fcc900517a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
REVALIDATED
etag
W/"f867803b8a2db1:0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VOKrTfDC7X08ZMUwgaJDgJNUP1JJJepO22dx4PRaRDn%2F%2BczA6vfaPLdlXKFkOVGVY%2F40TwZ%2BDcvIxmxBpyhzfqRVizNejc2qCc8eODEOb2dk8RKqzlMiw4VaYTu9CJfiZOc3w3V1UAnuB8%2BaGw%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec2314dc5dbe2-FRA
access-control-allow-origin
*
Server
cloudflare
jquery.mb.browser.min.js
office35.i2k.ch/SA/js/plugin/msie-fix/
3 KB
2 KB
Script
General
Full URL
https://office35.i2k.ch/SA/js/plugin/msie-fix/jquery.mb.browser.min.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03178b5047d433cc35459b3930479e7728e6d9055496d2318fdab8afce9e8390

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
REVALIDATED
etag
W/"e8d9113c8a2db1:0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6CM6Iwra0irlrQlAlKVNZKlY0RZwqvL8Dq8r8NpxU2J2GxKxmnQvOULuBvnwzs8tCZbyl%2B2bCp4dCWwoIjD8y3iBoTUv%2FPQPmanmVSBKRQw9Ae6jAGwdvAvqIVjWXRFLbG3EYUDjz7hX4V5nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:07 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec2314f9fdb06-FRA
access-control-allow-origin
*
Server
cloudflare
jquery.validate.min.js
office35.i2k.ch/SA/js/plugin/jquery-validate/
21 KB
8 KB
Script
General
Full URL
https://office35.i2k.ch/SA/js/plugin/jquery-validate/jquery.validate.min.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed02d6499e8f84614fdbd922735a410359d7fad9f3619f7eba23ceab2f8392db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
HIT
etag
W/"5a5083c8a2db1:0"
Age
6918
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QCjndvv6WUHM44tm8qBwAcCLD4OFrl2Fq93DNi7KPkVStzwo6TmC4REAA4T5lrVVN6UsoS%2FV2nS%2BBjLpwPWwhZfENZatwYgyzNwwx2tgaPeDDwUHAygmUn0UMJCQGZqlIGBbH%2BDB2Njoqwdo%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:07 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec23219bddb06-FRA
access-control-allow-origin
*
Server
cloudflare
jquery.blockUI.2.66.0.js
office35.i2k.ch/GlobalJS/jquery-blockUI-2.66.0/
11 KB
5 KB
Script
General
Full URL
https://office35.i2k.ch/GlobalJS/jquery-blockUI-2.66.0/jquery.blockUI.2.66.0.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc69fc6a8785430a9c8d93482a7119916087474ecce6cf9f59edfa321932c064

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"1a1be2bdc52db1:0"
CF-Cache-Status
REVALIDATED
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHXvvdneufw0Lmy8msS6JAWobXUzMUg2z7Y1iocR6ypp3mHLsi7dfqln3AuRkhgSGZSPkWsP4qeAwyGNw3pXaRjaMuyuiSeI6mgmj1XrwV%2B1FaOAB5kXHUT1PMY%2BxgEfL7Kt2vrAANsFTlg5BA%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=20527
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 14:37:05 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec2321b8c91ed-FRA
access-control-allow-origin
*
Server
cloudflare
pwdRevealer.js
office35.i2k.ch/SA/prop/js/pwdRevealer/
747 B
1 KB
Script
General
Full URL
https://office35.i2k.ch/SA/prop/js/pwdRevealer/pwdRevealer.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca397796d226cf1bf66969c3baeda34fe74f5ef9ed797f866ad40b61d632c5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"1c8abf4e8a2db1:0"
CF-Cache-Status
REVALIDATED
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fhvJC2It0wRlFh8CxbZLglWxJNWsqfWpbeqqrb4d%2BXdchk15FUAH9X9UNfJY4xo2ifbPHTffmtgV3ewi%2B9UgBrX2cllB2G1CNsClOzHBrWx14dtxm7w8EqmfvoWeTDUVuzCwKoLI3JNhtuX2vA%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=874
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:38 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec2321b561e4c-FRA
access-control-allow-origin
*
Server
cloudflare
fingerprintjs2_2.1.0_min.js
office35.i2k.ch/SA/prop/js/fingerprintjs2/
29 KB
11 KB
Script
General
Full URL
https://office35.i2k.ch/SA/prop/js/fingerprintjs2/fingerprintjs2_2.1.0_min.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"921c9a4d8a2db1:0"
Age
6918
CF-Cache-Status
HIT
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADzPHWLM8waDiFoy%2F5STMIBJV%2Fsdm2JQF3BKcTImki9GLOGNGlLXD6S8mXMlhMkWpTl8KcYglVLUpiysiS7EE36eapi7UXFRCsdgTXNGdmDGDDrDNlHZsT%2BKHgYWbpLEMRuK22RQHAOSlLT0fg%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:36 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec2321f479f2f-FRA
access-control-allow-origin
*
Server
cloudflare
autosize.min.js
office35.i2k.ch/SA/prop/js/autosize/dist/
3 KB
2 KB
Script
General
Full URL
https://office35.i2k.ch/SA/prop/js/autosize/dist/autosize.min.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def8d046dab5261e986f9880c8324f3ece6163b0432abba0ca4f9abf531144ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
CF-Cache-Status
REVALIDATED
etag
W/"6109e438a2db1:0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pyM8KcJRUwdprtS3AmOOnI7GUSdgP%2B1IfrvkjgYpMuZpbCOfHPpswSRtKXt4XGx%2BcF6gAZf6KUBjO2pshK%2B3ubrbiV1VvmY5%2FHGlCod5jkch5Juz17vlVja6IFv6LEK%2BNv%2FeQir4kZkEUyuLJw%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:20 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec23248c6dbe2-FRA
access-control-allow-origin
*
Server
cloudflare
catchTab.js
office35.i2k.ch/SA/prop/js/catchTab/
836 B
1 KB
Script
General
Full URL
https://office35.i2k.ch/SA/prop/js/catchTab/catchTab.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e05acdb1ae8f89c817adc0f0ffd0cfe9cf96ac4f664c8f48b0d340de2cd45aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"f589a7438a2db1:0"
CF-Cache-Status
REVALIDATED
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D3vmEmhF%2B2Mqo2RxOPrp81lX7M8z0ShjbFtyzX5N0auGY5G%2FdCyHOk4XNQ6nbVmHduAMGAcRLx5IGRfzVYfSV2mBgU96pPsRczKA2vI0eK59SWmlm5c59FgZUyTi%2FYasOFigFkOpgibYkBsbuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=1170
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:20 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec232af4c917a-FRA
access-control-allow-origin
*
Server
cloudflare
fittext.js
office35.i2k.ch/SA/prop/js/fittext/
673 B
1 KB
Script
General
Full URL
https://office35.i2k.ch/SA/prop/js/fittext/fittext.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19ac3d1560ebdb78b4f76dbbe9c9bb544376ede7ac35cf237e53feb3a6568c91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"921c9a4d8a2db1:0"
CF-Cache-Status
REVALIDATED
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IsFBe%2B3Yd8Z8LC14xRlA3gTYhQ5NG%2BfT8sGX6pmWcI%2F8%2BSJ7Xpaws9h1VKTMl2HLmKyvWpWOPdu28UM1Xm80mtRGhVLeWnIGHuyavpIoB%2BY5924l50VrpnlXPjUDQFfyfMVMIYBVXd9a7MD7QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=1115
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:36 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec232bbd2db06-FRA
access-control-allow-origin
*
Server
cloudflare
bootstrap-functions.js
office35.i2k.ch/SA/prop/js/
24 KB
10 KB
Script
General
Full URL
https://office35.i2k.ch/SA/prop/js/bootstrap-functions.js?v=
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fd6a830cb30499bee9b529cc3f4c99cfb23d276f19ae2bd76276d4f55295dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"6109e438a2db1:0"
CF-Cache-Status
REVALIDATED
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57GV3ZnoTT%2FeBPep02%2F58mLh36gc9qZDY%2F5nuX1Lec301yUTgKfP8rtGhzYM2dZ8wYAgyv41VmBGUNqYHL2tk11mkwKsiQrVT1ll6imG0SFOyZa%2F3TdwsnPoBnDvFDlm16CnrE3wDd%2FGk0DNmg%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=37907
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:20 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec232da8fdbe2-FRA
access-control-allow-origin
*
Server
cloudflare
sha512.js
booking.frame.ch/GlobalJS/
36 KB
36 KB
Script
General
Full URL
https://booking.frame.ch/GlobalJS/sha512.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.220.91.195 Zurich, Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
Microsoft-IIS/10.0 / cortec AG
Resource Hash
da5bad98b2981c432e4d723b9cca8cb831e5580686928035101857b2a88670a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/boot/Login/Login.asp?isApp=

Response headers

x-powered-by
cortec AG
etag
"cc1eb4bfc52db1:0"
accept-ranges
bytes
access-control-allow-origin
*
content-length
36441
date
Thu, 17 Oct 2024 08:01:03 GMT
content-type
application/javascript
last-modified
Mon, 09 Sep 2024 14:37:08 GMT
server
Microsoft-IIS/10.0
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
pwdRevealer.js
booking.frame.ch/SA/prop/js/pwdRevealer/
874 B
956 B
Script
General
Full URL
https://booking.frame.ch/SA/prop/js/pwdRevealer/pwdRevealer.js
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.220.91.195 Zurich, Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
Microsoft-IIS/10.0 / cortec AG
Resource Hash
61d334ba53bfe1a525e216e73ba3077d8729eb1cb70116cdd9e73efc82be47ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/boot/Login/Login.asp?isApp=

Response headers

x-powered-by
cortec AG
etag
"1c8abf4e8a2db1:0"
accept-ranges
bytes
access-control-allow-origin
*
content-length
874
date
Thu, 17 Oct 2024 08:01:03 GMT
content-type
application/javascript
last-modified
Mon, 09 Sep 2024 07:31:38 GMT
server
Microsoft-IIS/10.0
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
MenuAndDashboard.css
office35.i2k.ch/SA/css/Darktheme/
4 KB
2 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/Darktheme/MenuAndDashboard.css
Requested by
Host: office35.i2k.ch
URL: https://office35.i2k.ch/SA/css/Darktheme/darktheme.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2acbfb4c42643fe99491e23f5d1743bc3e3ae1ba94a552bf0cd501309ad1091

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://office35.i2k.ch/SA/css/Darktheme/darktheme.css

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"75f26a3b8a2db1:0"
CF-Cache-Status
REVALIDATED
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qNikZEO%2FkR9T22M%2BLD4x50P189rH6QzqLUK6MDDZge3MIcxXKZvIuht0tQqwHqgopnlryInTeaFSxe6Vt%2FvaFfLXeukxtZE3okFy1UUwYRFxFgkwXo2jVAsYUajDi8rWW%2F1vHJgtPY60rBH%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=8807
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec2319e46917a-FRA
access-control-allow-origin
*
Server
cloudflare
Einstellungen.css
office35.i2k.ch/SA/css/Darktheme/
2 KB
1 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/Darktheme/Einstellungen.css
Requested by
Host: office35.i2k.ch
URL: https://office35.i2k.ch/SA/css/Darktheme/darktheme.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c7755eb9248d2f0d861305026e4c936c6a6f7be8b9630d77434b72d1843199

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://office35.i2k.ch/SA/css/Darktheme/darktheme.css

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"75f26a3b8a2db1:0"
Age
1519
CF-Cache-Status
HIT
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oqjlwePi29EJhwhcnArw4a6wt30vbu6i0%2B0ugi2%2FHO%2BG%2BJ4aUgX00maJ54ur0Jm8JnOGXnvscZ6bRyh%2FfeIfS8yYhhJQtXpWz%2Fx51STIFWHiW1mIUSqMTohTjnXoqmAlFtvwVd%2BQx3xHcGyRCw%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=5308
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec2319aee91ed-FRA
access-control-allow-origin
*
Server
cloudflare
Auftragsverwaltung.css
office35.i2k.ch/SA/css/Darktheme/
3 KB
2 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/Darktheme/Auftragsverwaltung.css
Requested by
Host: office35.i2k.ch
URL: https://office35.i2k.ch/SA/css/Darktheme/darktheme.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a13e5eeca8871027da3924744aa0954966d77306ec3d16d1f0bc840fff0991bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://office35.i2k.ch/SA/css/Darktheme/darktheme.css

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"75f26a3b8a2db1:0"
Age
1783
CF-Cache-Status
HIT
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RaBqtY2bh6bQBEVfaycCZwvK5c3QfFnLr7HMtC%2FcwTeYIg8Rx9K3YxNXfUcvY4FkYS1L7ehbCC5k0Lt5lL1wc6Ju0lYWkM6Ot97dZkKUpSps8o7n9kxWOziO4Ig%2FTJUftVWQ%2FloDHUc2ctOKOA%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=11147
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec2319e9b9f2f-FRA
access-control-allow-origin
*
Server
cloudflare
Personen.css
office35.i2k.ch/SA/css/Darktheme/
6 KB
2 KB
Stylesheet
General
Full URL
https://office35.i2k.ch/SA/css/Darktheme/Personen.css
Requested by
Host: office35.i2k.ch
URL: https://office35.i2k.ch/SA/css/Darktheme/darktheme.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26692f83f9487dd7fb3f60e50a6ffb62ba7e52d6d6a7941210fb542f55883a5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://office35.i2k.ch/SA/css/Darktheme/darktheme.css

Response headers

Content-Encoding
br
Cf-Bgj
minify
etag
W/"75f26a3b8a2db1:0"
Age
1782
CF-Cache-Status
HIT
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Iqn8hq5awfdLiJE7zwnbKQlnBLbF9qMLYR3OxUYdO7R%2FQ1Vb1dGDJFR8gG6pnGG1X%2B8KJlsn1aW9tPMTaNfW1z5XUqLNEXsQZwYC9lUSdkkiBXDPDcjd93loZPFqIbqmkrn1FDoAh%2FBQ3cP5A%3D%3D"}],"group":"cf-nel","max_age":604800}
Cf-Polished
origSize=23725
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
text/css
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec2319ac71e4c-FRA
access-control-allow-origin
*
Server
cloudflare
Cortec_ErpLoginBackground.jpg
booking.frame.ch/boot/Login/
53 KB
53 KB
Image
General
Full URL
https://booking.frame.ch/boot/Login/Cortec_ErpLoginBackground.jpg
Requested by
Host: booking.frame.ch
URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.220.91.195 Zurich, Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
Microsoft-IIS/10.0 / cortec AG
Resource Hash
516453a30b1dd23050eef4ef918acad751739de6e9e84058450bce850353e2ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/boot/Login/Login.asp?isApp=

Response headers

x-powered-by
cortec AG
etag
"2821682882db1:0"
accept-ranges
bytes
access-control-allow-origin
*
content-length
54587
date
Thu, 17 Oct 2024 08:01:03 GMT
content-type
image/jpeg
last-modified
Mon, 09 Sep 2024 07:18:45 GMT
server
Microsoft-IIS/10.0
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
login.png
office35.i2k.ch/SA/img/gradient/
807 B
2 KB
Image
General
Full URL
https://office35.i2k.ch/SA/img/gradient/login.png
Requested by
Host: office35.i2k.ch
URL: https://office35.i2k.ch/SA/css/smartadmin-production.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f090a4a5cca96c68f025431ca1ce0382f0755113654114584438f789b880bb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://office35.i2k.ch/SA/css/smartadmin-production.min.css

Response headers

CF-Cache-Status
HIT
etag
"67de763b8a2db1:0"
Age
6918
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLSqEkMbnnsFhM1D5IDLoS5iw5%2FEIiH6vMDDPm9NgnVChG8BvSI1VPfq75loipCZtd23%2BQSHW%2FMTFl3wdrDEc87MHMYP3M94GGz8X2C9CxpV7barfbQBVOO6Wh29z%2B2VIRtlor7Emq8x9Dxcug%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
image/png
last-modified
Mon, 09 Sep 2024 07:31:06 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec232ec4491ed-FRA
Accept-Ranges
bytes
access-control-allow-origin
*
Content-Length
807
Server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://booking.frame.ch
Referer
https://fonts.googleapis.com/

Response headers

age
102098
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:39:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:39:26 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
fa-solid-900.woff2
office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/webfonts/
138 KB
139 KB
Font
General
Full URL
https://office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/webfonts/fa-solid-900.woff2
Requested by
Host: office35.i2k.ch
URL: https://office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://booking.frame.ch
Referer
https://office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/css/all.min.css

Response headers

CF-Cache-Status
MISS
etag
"acc573e8a2db1:0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OmpWocD1hpu3l2ZJeJlmmI4Y26B0YbJnmWD7Muf0RSBA4HplIMkwFRaE45cazFZuUkOLoEc1ah%2FjCDqUGPXwoKUfAzbI2n%2F3xv%2Fubdmcc%2BVFowsGeHH96KuRc74LfZwgT8BoaMGpzxuAIvYR%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/font-woff2
last-modified
Mon, 09 Sep 2024 07:31:11 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec234ebcd3600-FRA
Accept-Ranges
bytes
access-control-allow-origin
*
Content-Length
141600
Server
cloudflare
fa-regular-400.woff2
office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/webfonts/
170 KB
171 KB
Font
General
Full URL
https://office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/webfonts/fa-regular-400.woff2
Requested by
Host: office35.i2k.ch
URL: https://office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a771731f8ddb3a2c0426884135e1136b22d3a40bb48c69bf77b58f3e5c854ed7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://booking.frame.ch
Referer
https://office35.i2k.ch/SA/prop/css/font-awesome-5.13.0/css/all.min.css

Response headers

CF-Cache-Status
MISS
etag
"a969553e8a2db1:0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2BYn4%2Fil10cjOJCE1t%2FsmTHkYmzW0e%2FpnqS5IYDwrHw%2FPWZetn0Cgeb%2FCueqeEWzdFRDlkgJZyMKYIPpe9tz54mhwsIkVNBjlI2Fk7KlgXzmxT7iQ4gylHDfEXU5cxBDN2p9Vp6gfJiW4cZCHg%3D%3D"}],"group":"cf-nel","max_age":604800}
Date
Thu, 17 Oct 2024 08:01:04 GMT
Content-Type
application/font-woff2
last-modified
Mon, 09 Sep 2024 07:31:11 GMT
Vary
Accept-Encoding
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Cache-Control
max-age=28800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8d3ec2350fd2a01b-FRA
Accept-Ranges
bytes
access-control-allow-origin
*
Content-Length
174360
Server
cloudflare
favicon.ico
booking.frame.ch/
1 KB
1 KB
Other
General
Full URL
https://booking.frame.ch/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.220.91.195 Zurich, Switzerland, ASN9044 (SOLNET, CH),
Reverse DNS
Software
Microsoft-IIS/10.0 / cortec AG
Resource Hash
2b6b482bad2104d633c16a3fac13bf94fd7a4ff1e6a3d4c292d1a851034a7729

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://booking.frame.ch/boot/Login/Login.asp?isApp=

Response headers

x-powered-by
cortec AG
etag
"0bf186ce67bd01:0"
accept-ranges
bytes
access-control-allow-origin
*
content-length
1150
date
Thu, 17 Oct 2024 08:01:04 GMT
content-type
image/x-icon
last-modified
Tue, 21 Apr 2015 03:51:18 GMT
server
Microsoft-IIS/10.0
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| URLHelper object| urlHelper function| $ function| jQuery object| root string| debugStyle string| debugStyle_green string| debugStyle_red string| debugStyle_warning string| debugStyle_success string| debugStyle_error number| throttle_delay number| menu_speed boolean| menu_accordion boolean| enableJarvisWidgets boolean| localStorageJarvisWidgets boolean| sortableJarvisWidgets boolean| enableMobileWidgets object| boxList object| showList object| nameList object| idList object| chatbox_config object| ignore_key_elms boolean| voice_command string| voice_command_lang boolean| voice_localStorage object| commands function| runAllForms function| runAllCharts function| setup_widgets_desktop function| setup_widgets_mobile function| loadScript function| checkURL function| loadURL function| drawBreadCrumb function| pageSetUp function| getParam function| calc_navbar_height function| navbar_height object| shortcut_dropdown object| bread_crumb string| thisDevice object| jsArray object| initApp function| gMapsCallback function| loadGoogleMaps string| nAgt number| verOffset number| ix function| Fingerprint2 function| autosize function| catchTab function| hideKeyboard function| logEvents function| getBootstrapEnvironment function| DisableBrowserConsole function| nativeAlert function| ToggleAlert function| EnableAlert function| DisableAlert function| jarviswidget_onSave function| jarviswidget_onColorChange function| PwdStrengthValidator function| quickGenPassword function| quickGenPassword2 function| setCookie function| getCookie function| FormatCash object| KeyArray function| onlyLetters function| onlyNumbers function| onlyLettersNums function| randomNum function| randomInt function| randomFloat function| setContentFrameSrc function| round05 function| round01 function| roundStellen function| parseIntPlus function| parseFloatPlus function| parseBool function| FormatStellen function| FormatStellenRight function| replaceBadCharacters function| replaceHTMLEntities function| toggleFieldsets function| resizeTextarea function| getBase64CharCount function| PopoverToFixed function| getClearingNrFromIBAN function| formatIBAN function| formatQRReference function| formatCreditorReference function| formatPhoneNumber function| EpicTable3SearchHandler function| showMsgInvalidClientData function| calcPruefZifferMod10Rek function| checkRefNr function| mod97 function| checkTeilnehmerNr function| DownloadPromise function| Format2Html function| smartDebugSqlFormat function| calcMengeWithShortcut function| formatXml object| errors function| ButtonOnClickBlockUI function| checkIfIsInApp function| sha512 function| sha384 function| sha512_256 function| sha512_224 function| hash object| $this

2 Cookies

Domain/Path Name / Value
booking.frame.ch/ Name: ASPSESSIONIDAERRDTTT
Value: HCHLABGAAAMCGBKNIJBGBLGP
booking.frame.ch/ Name: OfficeBonusLogin
Value: AutoLogin16=0

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://booking.frame.ch/boot/Login/Login.asp?isApp=
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.frame.ch
fonts.googleapis.com
fonts.gstatic.com
office35.i2k.ch
142.250.184.195
2606:4700:20::681a:f78
2a00:1450:4001:80f::200a
82.220.91.195
03178b5047d433cc35459b3930479e7728e6d9055496d2318fdab8afce9e8390
03fd6a830cb30499bee9b529cc3f4c99cfb23d276f19ae2bd76276d4f55295dd
08c7755eb9248d2f0d861305026e4c936c6a6f7be8b9630d77434b72d1843199
10fa38d6f20bb78b9ddcb57530310c8d12fea3c87162709edf2a2b1a8b91b737
19ac3d1560ebdb78b4f76dbbe9c9bb544376ede7ac35cf237e53feb3a6568c91
21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
233ee05f101c7fb0764f48ceff1fc5be5e01aa3b697d905c4191fb8f84c4e6a4
26692f83f9487dd7fb3f60e50a6ffb62ba7e52d6d6a7941210fb542f55883a5a
2b6b482bad2104d633c16a3fac13bf94fd7a4ff1e6a3d4c292d1a851034a7729
2f6c2919e55108b38005163a8dc3148de28953b6589dcb2e9f65d4693e81fac3
32fa81861a662f8f03701e2ee4048fc99ed0e43c8ffb5e5953ef01433fded659
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40400e2c03d28b3e9e06d1e95158794f36ec7aadc0360e39ee7d21dad094c72e
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
516453a30b1dd23050eef4ef918acad751739de6e9e84058450bce850353e2ec
5a4922b40702ff9fcd5b89e00eedab9236a60a0fa78b45aa261a787ef34cc062
5db8d1879f01149caa4d2f8cff707836e4f45493e0b15b28174ac9a11b0527a2
5df07274b80d7f1b6eacc355d2b74684da15b5c7585f32e25ea2095834965f41
61d334ba53bfe1a525e216e73ba3077d8729eb1cb70116cdd9e73efc82be47ba
67e9dbc8eea0ec45767ed0d825e0c2da8317c14b4c9074ceee290e309ff0d3ea
743f6e14c1c9cd34dbb87c3d2c4f147786ffc5004c3efdcf3b5eb8d016cf11f6
7ca397796d226cf1bf66969c3baeda34fe74f5ef9ed797f866ad40b61d632c5e
7e05acdb1ae8f89c817adc0f0ffd0cfe9cf96ac4f664c8f48b0d340de2cd45aa
88d91bb47a97381eb3515abcd248d631bcdc35cb0d99dcd5d29fc8781f4ad9ff
8f090a4a5cca96c68f025431ca1ce0382f0755113654114584438f789b880bb1
9928045704227a08ee665b3186f0f71024c55d130a92087065faab49b5697190
a13e5eeca8871027da3924744aa0954966d77306ec3d16d1f0bc840fff0991bb
a15ff839ba42b00a98bfbf027bdab1a9e2283c4db2f4c8c034c7a3f124bffe0b
a2acbfb4c42643fe99491e23f5d1743bc3e3ae1ba94a552bf0cd501309ad1091
a771731f8ddb3a2c0426884135e1136b22d3a40bb48c69bf77b58f3e5c854ed7
b9dabcb89968fd8e53ea9ad9edac30f8b7c24e876a0e797f38b2e6fcc900517a
cc659edbe8d4a07baf92a994a328ed4c1440b1585cd5ec5bbe31d08ec4e35d8b
cc69fc6a8785430a9c8d93482a7119916087474ecce6cf9f59edfa321932c064
d09b8920928a495c5e85af2497db5f79f0fb83e9ae48a777d3db7071fd3093ce
d9a5b18e402d360c8db7b8d6062c92e5245ac35082a5019e4a045b9841232f64
da5bad98b2981c432e4d723b9cca8cb831e5580686928035101857b2a88670a7
def8d046dab5261e986f9880c8324f3ece6163b0432abba0ca4f9abf531144ff
e6d313a12088127a8461e5e994533f3158bd9c219973f729dfbdf65ad8884e03
e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65
ece7c0817077357373e4a52d6211191c3cd6a28b137151471f7c6149b19de1ee
ed02d6499e8f84614fdbd922735a410359d7fad9f3619f7eba23ceab2f8392db
fffdc576b06191be86de1a2e47f9c746ad4eba516fa121d8734bb896df541988