urlscan.io logo urlscan.io
SecurityTrails logo

id.mobility.ch Open in urlscan Pro
3.123.193.197  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://my.mobility.ch/login
Effective URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZID...
Submission: On February 22 via manual from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 46 HTTP transactions. The main IP is 3.123.193.197, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is id.mobility.ch.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on March 27th 2023. Valid for: a year.
This is the only time id.mobility.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 195.65.210.72 3303 (SWISSCOM ...)
1 193.16.220.35 30935 (DATATRANS...)
3 2a00:1450:400... 15169 (GOOGLE)
1 23 3.123.193.197 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
46 7
17    195.65.210.72 (Lyssach, Switzerland)

ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH)
my.mobility.ch
1    193.16.220.35 (Switzerland)

ASN30935 (DATATRANS-CH-AS, CH)
pay.datatrans.com
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
23    3.123.193.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
api.mobility.ch
id.mobility.ch
1    2600:9000:2127:a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.link
1    2600:9000:2127:3000:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)
api2.branch.io
Apex Domain
Subdomains		 Transfer
40 mobility.ch
my.mobility.ch
api.mobility.ch
id.mobility.ch
3 MB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
225 KB
1 branch.io
api2.branch.io — Cisco Umbrella Rank: 1099
649 B
1 app.link
app.link — Cisco Umbrella Rank: 2206
632 B
1 datatrans.com
pay.datatrans.com — Cisco Umbrella Rank: 66134
15 KB
46 5
Domain Requested by
21 id.mobility.ch 1 redirects my.mobility.ch
id.mobility.ch
17 my.mobility.ch my.mobility.ch
3 www.googletagmanager.com my.mobility.ch
id.mobility.ch
2 api.mobility.ch my.mobility.ch
1 api2.branch.io my.mobility.ch
1 app.link my.mobility.ch
1 pay.datatrans.com my.mobility.ch
46 7

This site contains links to these domains. Also see Links.

Domain
www.mobility.ch
www.facebook.com
www.youtube.com
twitter.com
instagram.com
www.linkedin.com
www.xing.com
Subject Issuer Validity Valid
*.mobility.ch
GlobalSign RSA OV SSL CA 2018		 2023-03-27 -
2024-04-27		 a year crt.sh
pay.datatrans.com
DigiCert EV RSA CA G2		 2023-06-15 -
2024-07-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
appipv4.link
Amazon RSA 2048 M02		 2023-04-25 -
2024-05-23		 a year crt.sh
*.branch.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-29		 a year crt.sh

This page contains 2 frames:

Primary Page: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Frame ID: F8F684493DA0C5D88AAFEB85F289F4A0
Requests: 45 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-6QTX
Frame ID: 2C2C5B1A098D320FA75FE053A0019A9D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My Mobility

Page URL History Show full URLs

  1. https://my.mobility.ch/login Page URL
  2. https://id.mobility.ch/oauth2/authorize?response_type=code&client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&s... HTTP 302
    https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

98 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

2831 kB
Transfer

10158 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my.mobility.ch/login Page URL
  2. https://id.mobility.ch/oauth2/authorize?response_type=code&client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&redirect_uri=https%3A%2F%2Fmy.mobility.ch&scope=openid&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha HTTP 302
    https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login
my.mobility.ch/ 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
159d64f52d32b2416ed00c8376380cba6e319a7a9286f8d91039dd4352fa1e41
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Access-Control-Allow-Origin
*.mobility.ch
Access-Control-Max-Age
60
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1917
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Content-Type
text/html; charset=UTF-8
Date
Thu, 22 Feb 2024 15:02:15 GMT
ETag
"18d8-610cc21ff0d80-gzip"
Last-Modified
Wed, 07 Feb 2024 15:13:10 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
splash.css
my.mobility.ch/ 		7 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/splash.css
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
f4beba9fe514443c75d9f945c4aa3e8fbe2628dba862a651272048aaf6a442ec
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://my.mobility.ch/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:15 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
2945
Last-Modified
Wed, 07 Feb 2024 16:00:34 GMT
Server
Apache
ETag
"1cf6-610cccb830c80-gzip"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
text/css
Access-Control-Allow-Origin
*.mobility.ch
Vary
Accept-Encoding
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
runtime.15ccd3d65dc749d0.js
my.mobility.ch/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/runtime.15ccd3d65dc749d0.js
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
ececcc62e2c708a15ee30c314eaf07bba09e6249e12f5d4947b190f4c550c920
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://my.mobility.ch/login
Origin
https://my.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:15 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
837
Last-Modified
Wed, 07 Feb 2024 15:13:00 GMT
Server
Apache
ETag
"5c6-610cc21667700-gzip"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
application/javascript
Access-Control-Allow-Origin
*.mobility.ch
Vary
Accept-Encoding
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
polyfills.46c7b0191d454fed.js
my.mobility.ch/ 		161 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/polyfills.46c7b0191d454fed.js
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
eaea9bfee75c4f60c422adf57cfc8c83ea50c591fd18128bf7dc20887a2af3e0
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://my.mobility.ch/login
Origin
https://my.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:15 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 07 Feb 2024 15:13:00 GMT
Server
Apache
ETag
"28455-610cc21667700-gzip"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
application/javascript
Access-Control-Allow-Origin
*.mobility.ch
Vary
Accept-Encoding
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
scripts.ed0355b314546953.js
my.mobility.ch/ 		243 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/scripts.ed0355b314546953.js
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
50c1edc5a911e7642230300feff98f67afc74d5b3c3a6da51687794bf2b4f99f
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://my.mobility.ch/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:15 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 07 Feb 2024 15:13:00 GMT
Server
Apache
ETag
"3cd6f-610cc21667700-gzip"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
application/javascript
Access-Control-Allow-Origin
*.mobility.ch
Vary
Accept-Encoding
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
main.0c39eaf14aa1d5f9.js
my.mobility.ch/ 		7 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/main.0c39eaf14aa1d5f9.js
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
e2c1c5ae0848aa6e520f499f766782b7714642412e92b9e30cb50c1797f56a41
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://my.mobility.ch/login
Origin
https://my.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:15 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 07 Feb 2024 15:13:00 GMT
Server
Apache
ETag
"6cde40-610cc21667700-gzip"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
application/javascript
Access-Control-Allow-Origin
*.mobility.ch
Vary
Accept-Encoding
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
styles.2648e935d4a6c6c3.css
my.mobility.ch/ 		463 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/styles.2648e935d4a6c6c3.css
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
0a3c41a93f2e98a1891920510c432bc934737a9b4ca928932e121e8914d0c3a8
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://my.mobility.ch/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:15 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 07 Feb 2024 15:13:00 GMT
Server
Apache
ETag
"73d59-610cc21667700-gzip"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
text/css
Access-Control-Allow-Origin
*.mobility.ch
Vary
Accept-Encoding
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d3f134a55066dfd0d225ce3314ecdf7f8088422328d2ec771c7dd9b0bbc4d6c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type
image/svg+xml
f7b387cf-f3f4-4160-9162-1ca1b75a3615.ab17a478f2f43a59.woff
my.mobility.ch/ 		32 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/f7b387cf-f3f4-4160-9162-1ca1b75a3615.ab17a478f2f43a59.woff
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
e38ce2c162ff2e0cab6d180ef39fa4c38fd523f6f5eab50a3c3ff7010b416949
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://my.mobility.ch/login
Origin
https://my.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:15 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Connection
keep-alive
Content-Length
33000
Last-Modified
Wed, 07 Feb 2024 15:13:00 GMT
Server
Apache
ETag
"80e8-610cc21667700"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
font/woff
Access-Control-Allow-Origin
*.mobility.ch
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
environment.json
my.mobility.ch/ 		13 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/environment.json
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/polyfills.46c7b0191d454fed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
9eb973045fc5fd9f7d275f0eb5397dfcf12a0614d582313d2de5b945b31b54f9
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://my.mobility.ch/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:16 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Connection
keep-alive
Content-Length
13392
Last-Modified
Wed, 07 Feb 2024 16:14:08 GMT
Server
Apache
ETag
"3450-610ccfc07b400"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*.mobility.ch
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
tenant.config.json
my.mobility.ch/ 		9 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/tenant.config.json
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/polyfills.46c7b0191d454fed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
e7fae08bb58c94573f728b9874c8406f8a02e99db7bc773ed305a0ad673636e0
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://my.mobility.ch/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:16 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Connection
keep-alive
Content-Length
9149
Last-Modified
Wed, 07 Feb 2024 16:14:08 GMT
Server
Apache
ETag
"23bd-610ccfc07b400"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*.mobility.ch
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
datatrans-2.0.0.js
pay.datatrans.com/upp/payment/js/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.datatrans.com/upp/payment/js/datatrans-2.0.0.js
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/main.0c39eaf14aa1d5f9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.16.220.35 , Switzerland, ASN30935 (DATATRANS-CH-AS, CH),
Reverse DNS
Software
nginx /
Resource Hash
5bcfced173909562b22a209f4f4922212798e1f5e3bed2decb6ed3df7cc7d63c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://my.mobility.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:16 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
Server
nginx
ETag
1708609503511
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
default-src 'self'; script-src 'self' 'unsafe-inline' https://pay.google.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://www.gstatic.com; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self'; child-src 'self'; frame-src 'self' https://pay.google.com https://3d.sandbox.datatrans.com https://3d.datatrans.com; object-src 'self'; report-uri /upp/csp-report
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
application/javascript;charset=UTF-8
Cache-Control
public, max-age=300
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 22 Feb 2024 15:07:16 GMT
gtm.js
www.googletagmanager.com/ 		392 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-6QTX&l=digitalData
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
562ac32cf7bb409b80a7574a339360ff19753910ac2a61c3b09a7b268d0d3e36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://my.mobility.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
114851
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Feb 2024 15:02:16 GMT
ns.html
www.googletagmanager.com/ Frame 2C2C 		268 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-6QTX
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/main.0c39eaf14aa1d5f9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://my.mobility.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Feb 2024 15:02:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
client
api.mobility.ch/classic/10/v2/v2.0/public/settings/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.mobility.ch/classic/10/v2/v2.0/public/settings/client
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
app-key
Access-Control-Request-Method
GET
Origin
https://my.mobility.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

accept
*/*
accept-encoding
gzip, deflate, br
access-control-allow-headers
authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction,mobisys-session-token,x-http-method-override,App-Key,Authorization
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-request-headers
app-key
access-control-request-method
GET
cache-control
no-cache
date
Thu, 22 Feb 2024 15:02:16 GMT
host
api.mobility.ch
origin
https://my.mobility.ch
pragma
no-cache
referer
https://my.mobility.ch/
sec-fetch-dest
empty
sec-fetch-mode
cors
sec-fetch-site
same-site
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
x-amzn-trace-id
Root=1-65d761f8-503a727d39bc5bd74eb4101a
x-forwarded-for
176.10.106.9
x-forwarded-port
443
x-forwarded-proto
https
client
api.mobility.ch/classic/10/v2/v2.0/public/settings/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mobility.ch/classic/10/v2/v2.0/public/settings/client
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/polyfills.46c7b0191d454fed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9eb04e4a671d5083f4b7d9eb8441e8ff1423a88732017b74f74705cb5c176317
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; frame-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json;charset=UTF-8
Referer
https://my.mobility.ch/
App-Key
936ab40c2c4f0c86d7af268818e9be65
Accept-Language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
referrer-policy
no-referrer
content-security-policy
default-src 'self'; frame-ancestors 'self'; frame-src 'self'
x-frame-options
DENY
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://my.mobility.ch
access-control-expose-headers
location, content-disposition
cache-control
no-cache
access-control-allow-credentials
true
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
access-control-allow-headers
authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction,mobisys-session-token,x-http-method-override,App-Key,Authorization
en.json
my.mobility.ch/assets/i18n/ 		81 KB
82 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/assets/i18n/en.json
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/polyfills.46c7b0191d454fed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
63eb87f9c7e69fdc97cce10c6729917fd5d4764832c2f989c08a58f063fc6cde
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://my.mobility.ch/login
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:16 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Connection
keep-alive
Content-Length
82471
Last-Modified
Wed, 07 Feb 2024 16:00:32 GMT
Server
Apache
ETag
"14227-610cccb648800"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*.mobility.ch
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
_r
app.link/ 		91 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.58.0&branch_key=key_live_ccTQs4FvlpMrmi23unG9domhvFl0p0XC&callback=branch_callback__0
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/main.0c39eaf14aa1d5f9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
fb62a30ef0a618b03d88440cfe9876a415c78e6d6ef669b162ffa9d8c7887445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://my.mobility.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
server
openresty
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop
PRG50-C1
etag
W/"5b-xFIKBms5MMNMIUMxZHOAVpFp3do"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
x-amz-cf-id
_UM1pf8-W_od2VhmXqDVpzAIJsLjLY_g0-xEwT7KXWlDN3Tmvd58dg==
logo.svg
my.mobility.ch/assets/images/ 		4 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.mobility.ch/assets/images/logo.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
0b7cc002b44514cf7a1a5f0a29b7857b0e5486b3ed3b775fa596969153a7eaa7
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://my.mobility.ch/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:16 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Connection
keep-alive
Content-Length
4168
Last-Modified
Wed, 07 Feb 2024 16:00:32 GMT
Server
Apache
ETag
"1048-610cccb648800"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*.mobility.ch
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
app-store-dark-EN.a2e763b82653be76.svg
my.mobility.ch/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.mobility.ch/app-store-dark-EN.a2e763b82653be76.svg
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/styles.2648e935d4a6c6c3.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://my.mobility.ch/styles.2648e935d4a6c6c3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:16 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Connection
keep-alive
Content-Length
10804
Last-Modified
Wed, 07 Feb 2024 15:13:00 GMT
Server
Apache
ETag
"2a34-610cc21667700"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*.mobility.ch
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
google-play-dark-EN.791bcb57b81d7cd1.svg
my.mobility.ch/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.mobility.ch/google-play-dark-EN.791bcb57b81d7cd1.svg
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/styles.2648e935d4a6c6c3.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
7ef6a4fec06f4e781289ba672e6698a17f4843afac61ccd5e3177871382e1fbd
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://my.mobility.ch/styles.2648e935d4a6c6c3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:16 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Connection
keep-alive
Content-Length
8786
Last-Modified
Wed, 07 Feb 2024 15:13:00 GMT
Server
Apache
ETag
"2252-610cc21667700"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*.mobility.ch
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
brandicons.d3adfe5e1cce901b.woff
my.mobility.ch/ 		27 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/brandicons.d3adfe5e1cce901b.woff
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/styles.2648e935d4a6c6c3.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
ea6fd97aafe9c2ffd6f72da38ea31e9ece129290271842271c217ac4954ca52a
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://my.mobility.ch/styles.2648e935d4a6c6c3.css
Origin
https://my.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:16 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Connection
keep-alive
Content-Length
27576
Last-Modified
Wed, 07 Feb 2024 15:13:00 GMT
Server
Apache
ETag
"6bb8-610cc21667700"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
font/woff
Access-Control-Allow-Origin
*.mobility.ch
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
03aaa120-6cbd-477a-9d8d-8a7ac97fd0b0.c81e61261718aca3.woff
my.mobility.ch/ 		33 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/03aaa120-6cbd-477a-9d8d-8a7ac97fd0b0.c81e61261718aca3.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
ee62ceb0f15c30d427a854ef1573b19630d20e60cee88bda96ceb8f393b53b47
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://my.mobility.ch/login
Origin
https://my.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:16 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Connection
keep-alive
Content-Length
33717
Last-Modified
Wed, 07 Feb 2024 15:13:00 GMT
Server
Apache
ETag
"83b5-610cc21667700"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
font/woff
Access-Control-Allow-Origin
*.mobility.ch
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
fontawesome-webfont.e9955780856cf8aa.woff2
my.mobility.ch/ 		75 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.mobility.ch/fontawesome-webfont.e9955780856cf8aa.woff2?v=4.7.0
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/styles.2648e935d4a6c6c3.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.65.210.72 Lyssach, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://my.mobility.ch/styles.2648e935d4a6c6c3.css
Origin
https://my.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 15:02:16 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Connection
keep-alive
Content-Length
77160
Last-Modified
Wed, 07 Feb 2024 15:13:00 GMT
Server
Apache
ETag
"12d68-610cc21667700"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
font/woff2
Access-Control-Allow-Origin
*.mobility.ch
X-Frame-Options
DENY
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
open
api2.branch.io/v1/ 		274 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/polyfills.46c7b0191d454fed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://my.mobility.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 22 Feb 2024 15:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
fff42aa1-b8af-4515-a8b6-eba4eb59362c-2024022215
content-length
274
x-amz-cf-id
zJyKRkeB_M5vIgi0pmekSAE823I9fEjbsj6M5-bGT15vyBm0CELycg==
pageview
api2.branch.io/v1/ 		0
0
Primary Request login.do
id.mobility.ch/mob-authenticationendpoint/
Redirect Chain
  • https://id.mobility.ch/oauth2/authorize?response_type=code&client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&redirect_uri=...
  • https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCal...
24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Requested by
Host: my.mobility.ch
URL: https://my.mobility.ch/main.0c39eaf14aa1d5f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
e6b2c2b761bddf8acf70298d4f40174eb181766280a8b4cfe34aebfb78a7e615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.mobility.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 22 Feb 2024 15:02:17 GMT
server
WSO2 Carbon Server
vary
accept-encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

content-length
0
date
Thu, 22 Feb 2024 15:02:17 GMT
location
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
server
WSO2 Carbon Server
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
bootstrap.min.css
id.mobility.ch/mob-authenticationendpoint/libs/bootstrap_3.4.1/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/libs/bootstrap_3.4.1/css/bootstrap.min.css
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"121457-1695635556000"
x-frame-options
DENY
vary
accept-encoding
content-type
text/css
accept-ranges
bytes
x-xss-protection
1; mode=block
Roboto.css
id.mobility.ch/mob-authenticationendpoint/css/ 		301 B
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/css/Roboto.css
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
a0db4ef06ad7172414ba48c35c5d1308c9b0e43e1c0a3497fd5eb9bea994fc50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"301-1695635556000"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
content-length
301
x-xss-protection
1; mode=block
custom-common.css
id.mobility.ch/mob-authenticationendpoint/css/ 		43 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/css/custom-common.css
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
0474be459f51345d8ff9a46704863ee538873de69bb0e1d4558d559b3679bfc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"43595-1695635556000"
x-frame-options
DENY
vary
accept-encoding
content-type
text/css
accept-ranges
bytes
x-xss-protection
1; mode=block
custom-mob.css
id.mobility.ch/mob-authenticationendpoint/css/ 		482 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
6084027a20434e47b7da0d5184cb722903cee1e0c6886e177cc80e587595fa68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"493248-1695635556000"
x-frame-options
DENY
vary
accept-encoding
content-type
text/css
accept-ranges
bytes
x-xss-protection
1; mode=block
header-custom.css
id.mobility.ch/mob-authenticationendpoint/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/css/header-custom.css
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
07b701483657a4bc992b47bf272f18f0cdd338d5930fc3d0d7a2e7de535f6c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"8211-1695635556000"
x-frame-options
DENY
vary
accept-encoding
content-type
text/css
accept-ranges
bytes
x-xss-protection
1; mode=block
login-custom.css
id.mobility.ch/mob-authenticationendpoint/css/ 		262 B
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/css/login-custom.css
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
03a61ec53ce1dc1857273cdc0ee8115f071981328aecc90c5b804cd613335797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"262-1695635556000"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
content-length
262
x-xss-protection
1; mode=block
custom-scripts.js
id.mobility.ch/mob-authenticationendpoint/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/js/custom-scripts.js
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
61bf6ab4a62c68cf46a2039b62ddeefa185fa8f613f1d8705d8814650dff3f8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"1705-1695635556000"
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
content-length
1705
x-xss-protection
1; mode=block
logo-inverse.svg
id.mobility.ch/mob-authenticationendpoint/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.mobility.ch/mob-authenticationendpoint/images/logo-inverse.svg
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
0b7cc002b44514cf7a1a5f0a29b7857b0e5486b3ed3b775fa596969153a7eaa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"4168-1695635556000"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
content-length
4168
x-xss-protection
1; mode=block
jquery-3.4.1.js
id.mobility.ch/mob-authenticationendpoint/libs/jquery_3.4.1/ 		286 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/libs/jquery_3.4.1/jquery-3.4.1.js
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
3f80e8e5e1945b57180397b363fb0a747e1e99cf492d59b4f8cd09bfb239f2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"292564-1695635556000"
x-frame-options
DENY
vary
accept-encoding
content-type
application/javascript
accept-ranges
bytes
x-xss-protection
1; mode=block
bootstrap.min.js
id.mobility.ch/mob-authenticationendpoint/libs/bootstrap_3.4.1/js/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/libs/bootstrap_3.4.1/js/bootstrap.min.js
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"39680-1695635556000"
x-frame-options
DENY
vary
accept-encoding
content-type
application/javascript
accept-ranges
bytes
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		392 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-6QTX&l=digitalData
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e76140aa69e6c0e35633b31b3ba87dd06d997ef1f2170b590f62eefd575efe03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
114853
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 22 Feb 2024 15:02:17 GMT
password-strength-closed.svg
id.mobility.ch/mob-authenticationendpoint/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.mobility.ch/mob-authenticationendpoint/images/password-strength-closed.svg
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
961c12a9132a00305c79b1a4cd0eadf6d56663aea57d6cec1950a0d655791f5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/css/custom-common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"1897-1695635556000"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
content-length
1897
x-xss-protection
1; mode=block
app-store-dark-EN.svg
id.mobility.ch/mob-authenticationendpoint/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.mobility.ch/mob-authenticationendpoint/images/app-store-dark-EN.svg
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"10804-1695635556000"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
content-length
10804
x-xss-protection
1; mode=block
google-play-dark-EN.svg
id.mobility.ch/mob-authenticationendpoint/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.mobility.ch/mob-authenticationendpoint/images/google-play-dark-EN.svg
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
7ef6a4fec06f4e781289ba672e6698a17f4843afac61ccd5e3177871382e1fbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"8786-1695635556000"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
content-length
8786
x-xss-protection
1; mode=block
brandicons.woff
id.mobility.ch/mob-authenticationendpoint/fonts/brandicons/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/fonts/brandicons/brandicons.woff
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
eb54538b38adb5c580996dfd6d3777a654e1f1624ac62544085f349b578a96de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Origin
https://id.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"27576-1695635556000"
x-frame-options
DENY
accept-ranges
bytes
content-length
27576
x-xss-protection
1; mode=block
f7b387cf-f3f4-4160-9162-1ca1b75a3615.woff
id.mobility.ch/mob-authenticationendpoint/fonts/bentonsansregular/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/fonts/bentonsansregular/f7b387cf-f3f4-4160-9162-1ca1b75a3615.woff
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
9cd9d986bd6ebf947d9a38a18e0593788ccb22e6bf6372cb83105de2eabc1930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Origin
https://id.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"33000-1695635556000"
x-frame-options
DENY
accept-ranges
bytes
content-length
33000
x-xss-protection
1; mode=block
03aaa120-6cbd-477a-9d8d-8a7ac97fd0b0.woff
id.mobility.ch/mob-authenticationendpoint/fonts/bentonsansbold/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/fonts/bentonsansbold/03aaa120-6cbd-477a-9d8d-8a7ac97fd0b0.woff
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
3908afbaf3d191c01bbb354f8ff994174f9cd8b02f49dd971915fe1af82d432d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://id.mobility.ch/mob-authenticationendpoint/css/custom-common.css
Origin
https://id.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"33717-1695635556000"
x-frame-options
DENY
accept-ranges
bytes
content-length
33717
x-xss-protection
1; mode=block
glyphicons-halflings-regular.woff2
id.mobility.ch/mob-authenticationendpoint/css/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/css/glyphicons-halflings-regular.woff2
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Origin
https://id.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"18028-1695635556000"
x-frame-options
DENY
accept-ranges
bytes
content-length
18028
x-xss-protection
1; mode=block
fontawesome-webfont.woff2
id.mobility.ch/mob-authenticationendpoint/fonts/fontawesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/mob-authenticationendpoint/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://id.mobility.ch/mob-authenticationendpoint/css/custom-mob.css
Origin
https://id.mobility.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 09:52:36 GMT
server
WSO2 Carbon Server
etag
W/"77160-1695635556000"
x-frame-options
DENY
accept-ranges
bytes
content-length
77160
x-xss-protection
1; mode=block
logincontext
id.mobility.ch/ 		20 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.mobility.ch/logincontext?sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&tenantDomain=carbon.super
Requested by
Host: id.mobility.ch
URL: https://id.mobility.ch/mob-authenticationendpoint/libs/jquery_3.4.1/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.193.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-193-197.eu-central-1.compute.amazonaws.com
Software
WSO2 Carbon Server /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://id.mobility.ch/mob-authenticationendpoint/login.do?client_id=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&code_challenge=q6aZIDNIHBVu6u8wbMHIF3FaKSmNRa2Oji11fDv6Ozg&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&nonce=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXha&passiveAuth=false&redirect_uri=https%3A%2F%2Fmy.mobility.ch&response_type=code&scope=openid&state=aFl1b1lIeUxoNDFYWVM4TGcuVnFYSHo3NzRoOFBZTkUxdm9senRuamZ5cXhasemicolon%252Flogin&tenantDomain=carbon.super&sessionDataKey=dddaa92a-ae6d-4700-9930-ae4fb32bd995&relyingParty=TU3BlzCxHpEA4Qb8iuIkIvxXUNAa&type=oidc&sp=APISUB.AdNovum_Customer_WebApp-2_PRODUCTION&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:02:17 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'
referrer-policy
same-origin
server
WSO2 Carbon Server
content-type
application/json;charset=UTF-8
content-length
20
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api2.branch.io
URL
https://api2.branch.io/v1/pageview

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| toggleCollapse function| toggleCollapseForElement function| setLanguageCookie function| getCookie object| digitalData function| checkSessionKey function| getParameterByName function| $ function| jQuery function| passwordShowToggle function| myFunction function| handleNoDomain object| google_tag_manager object| google_tag_data object| TMSConfig object| TMSPageData object| tmsHelper undefined| reverseOrderedAttributes object| winLocUrlSlashed undefined| startWithProtocol undefined| pageUrlProvidedSlashed undefined| pageUrlConstructed undefined| pageUrlConstructedSlashed object| sourceId object| host object| b2bPath undefined| previousIsp undefined| endpoint undefined| req object| enrichmentStandard object| vpvUrlHandling object| tmsRequest object| tmsEventRequest object| tmsEventTracking object| scriptsOnPage number| TMSCount number| TMSFound string| src number| j string| key object| regex undefined| iframesOnPage undefined| k

4 Cookies

Domain/Path Name / Value
id.mobility.ch/mob-authenticationendpoint Name: JSESSIONID
Value: 0D421A87E5F448C96713840CBB0AA670E684486E1FADE35978C7B42EF983CEEFBAE94FB1FCF97A5875C82882E4E75323330A3D0C959596F83616DB76B93C71AB0AE198E02CF7B6FA2317A7A447DB56081127339FDAD8BD02A287467E361A51CA7CC8990093E4E9FB77CC3E300E8592150CE45167904463F0AB2467A4ED4F6EDE
.app.link/ Name: _s
Value: senx9ROpbczth50m7eAydNOaAVJ0CWYugJs7MH1ybEhO7VJmF%2FmtifAdgWPYlifN
id.mobility.ch/ Name: AWSALB
Value: wU04kuCveXSwXMBcQ5oyL+t7IlZ39JyxgwslY5nLqQALA9r+BE4Xh7gvI0dsPyuuQko2KuIxfjmt10pv4nvrUKOTI7twBA6IFwCpcDjT6jNP7DDLVX7l2VYXdAX5
id.mobility.ch/ Name: AWSALBCORS
Value: wU04kuCveXSwXMBcQ5oyL+t7IlZ39JyxgwslY5nLqQALA9r+BE4Xh7gvI0dsPyuuQko2KuIxfjmt10pv4nvrUKOTI7twBA6IFwCpcDjT6jNP7DDLVX7l2VYXdAX5

1 Console Messages

Source Level URL
Text
other warning URL: https://my.mobility.ch/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'unsafe-eval' 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com https://bat.bing.com https://cdn.branch.io https://app.link *.mobility.ch *.licdn.com *.mobility-sas.com *.adform.net *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; style-src 'unsafe-inline' 'self' *.visualwebsiteoptimizer.com *.mobility-sas.com *.mobility.ch *.adform.net *.bing.com *.cookiebot.com *.google.com *.googletagmanager.com *.google-analytics.com *.googleapis.com *.googleadservices.com *.gstatic.com *.g.doubleclick.net *.pilot.datatrans.biz *.pay.sandbox.datatrans.com *.datatrans.com *.getback.ch *.facebook.net *.facebook.com *.guuru.com *.globalsign.com www.mobility.ch classicweb.mobility.ch; img-src * 'self' data: https chart.googleapis.com wingify-assets.s3.amazonaws.com *.visualwebsiteoptimizer.com; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mobility.ch
api2.branch.io
app.link
id.mobility.ch
my.mobility.ch
pay.datatrans.com
www.googletagmanager.com
api2.branch.io
193.16.220.35
195.65.210.72
2600:9000:2127:3000:11:f728:3040:93a1
2600:9000:2127:a00:19:9934:6a80:93a1
2a00:1450:4001:806::2008
3.123.193.197
03a61ec53ce1dc1857273cdc0ee8115f071981328aecc90c5b804cd613335797
0474be459f51345d8ff9a46704863ee538873de69bb0e1d4558d559b3679bfc8
07b701483657a4bc992b47bf272f18f0cdd338d5930fc3d0d7a2e7de535f6c95
0a3c41a93f2e98a1891920510c432bc934737a9b4ca928932e121e8914d0c3a8
0b7cc002b44514cf7a1a5f0a29b7857b0e5486b3ed3b775fa596969153a7eaa7
159d64f52d32b2416ed00c8376380cba6e319a7a9286f8d91039dd4352fa1e41
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3908afbaf3d191c01bbb354f8ff994174f9cd8b02f49dd971915fe1af82d432d
3f80e8e5e1945b57180397b363fb0a747e1e99cf492d59b4f8cd09bfb239f2b4
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
50c1edc5a911e7642230300feff98f67afc74d5b3c3a6da51687794bf2b4f99f
562ac32cf7bb409b80a7574a339360ff19753910ac2a61c3b09a7b268d0d3e36
5bcfced173909562b22a209f4f4922212798e1f5e3bed2decb6ed3df7cc7d63c
6084027a20434e47b7da0d5184cb722903cee1e0c6886e177cc80e587595fa68
61bf6ab4a62c68cf46a2039b62ddeefa185fa8f613f1d8705d8814650dff3f8c
63eb87f9c7e69fdc97cce10c6729917fd5d4764832c2f989c08a58f063fc6cde
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919
7ef6a4fec06f4e781289ba672e6698a17f4843afac61ccd5e3177871382e1fbd
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
961c12a9132a00305c79b1a4cd0eadf6d56663aea57d6cec1950a0d655791f5f
9cd9d986bd6ebf947d9a38a18e0593788ccb22e6bf6372cb83105de2eabc1930
9d3f134a55066dfd0d225ce3314ecdf7f8088422328d2ec771c7dd9b0bbc4d6c
9eb04e4a671d5083f4b7d9eb8441e8ff1423a88732017b74f74705cb5c176317
9eb973045fc5fd9f7d275f0eb5397dfcf12a0614d582313d2de5b945b31b54f9
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a0db4ef06ad7172414ba48c35c5d1308c9b0e43e1c0a3497fd5eb9bea994fc50
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
e2c1c5ae0848aa6e520f499f766782b7714642412e92b9e30cb50c1797f56a41
e38ce2c162ff2e0cab6d180ef39fa4c38fd523f6f5eab50a3c3ff7010b416949
e6b2c2b761bddf8acf70298d4f40174eb181766280a8b4cfe34aebfb78a7e615
e76140aa69e6c0e35633b31b3ba87dd06d997ef1f2170b590f62eefd575efe03
e7fae08bb58c94573f728b9874c8406f8a02e99db7bc773ed305a0ad673636e0
ea6fd97aafe9c2ffd6f72da38ea31e9ece129290271842271c217ac4954ca52a
eaea9bfee75c4f60c422adf57cfc8c83ea50c591fd18128bf7dc20887a2af3e0
eb54538b38adb5c580996dfd6d3777a654e1f1624ac62544085f349b578a96de
ececcc62e2c708a15ee30c314eaf07bba09e6249e12f5d4947b190f4c550c920
ee62ceb0f15c30d427a854ef1573b19630d20e60cee88bda96ceb8f393b53b47
f4beba9fe514443c75d9f945c4aa3e8fbe2628dba862a651272048aaf6a442ec
fb62a30ef0a618b03d88440cfe9876a415c78e6d6ef669b162ffa9d8c7887445