app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io Open in urlscan Pro
91.208.207.141 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index
Effective URL:
https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Submission: On April 20 via automatic, source openphish (April 20th 2024, 1:16:56 am UTC) — Scanned from FR

Summary HTTP 31 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 31 HTTP transactions. The main IP is 91.208.207.141, located in France and belongs to MAGICRETAIL, FR. The main domain is app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io.
TLS certificate: Issued by R3 on April 7th 2024. Valid for: 3 months.

This is the only time app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Schweizerische Bundesbahnen (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 17	91.208.207.141 91.208.207.141	43424 (MAGICRETAIL) (MAGICRETAIL)
10	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.159.58.138 18.159.58.138	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	6

17 91.208.207.141 (France) 1 redirects

ASN43424 (MAGICRETAIL, FR)

app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.58.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-58-138.eu-central-1.compute.amazonaws.com

cdn.app.sbb.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cleverapps.io 1 redirects app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io	292 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 306	157 KB
2	sbb.ch cdn.app.sbb.ch — Cisco Umbrella Rank: 420692	29 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 535	304 B
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 427	39 KB
0	Failed function sub() { [native code] }. Failed
31	6

	Domain	Requested by
17	app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io	1 redirects app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
10	cdn.cookielaw.org	app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io cdn.cookielaw.org
2	cdn.app.sbb.ch	app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
1	geolocation.onetrust.com	cdn.cookielaw.org
1	assets.adobedtm.com	app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
0	102.165.14.4 Failed	app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
31	6

This site contains links to these domains. Also see Links.

Domain
www.swisspass.ch
www.onetrust.com

Subject Issuer	Validity	Valid
*.cleverapps.io R3	`2024-04-07` - `2024-07-06`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.app.sbb.ch Amazon RSA 2048 M02	`2023-08-16` - `2024-09-13`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Frame ID: E744B5210902E6F042E4A89CA8593597
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmeldung | SwissPass

Page URL History Show full URLs

http://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index HTTP 307
https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index HTTP 301
http://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/ HTTP 307
https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/ Page URL

Detected technologies

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

97 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

516 kB
Transfer

1865 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.swisspass.ch/datenschutz
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index HTTP 307
https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index HTTP 301
http://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/ HTTP 307
https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Redirect Chain

http://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index
https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index
http://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/

27 KB
6 KB

31ms
31ms

Document
text/html

91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 4f22aa2ae02e38ea0ac63a6da6e1263c90da61c837aa45c16efa0055dbbfcf6c

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5620
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 Apr 2024 01:16:51 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache
Sozu-Id: 01HVWH7PTRW0JYTFEWZVRRSZW2
Vary: Accept-Encoding

Redirect headers

Location: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK sso.min-20200819.css
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/css/normal/app/ 180 KB
24 KB 27ms
27ms Stylesheet
text/css 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/css/normal/app/sso.min-20200819.css
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: df1e617507098c8826a05c6487106c27e13f067537dbaf4f44d0de4f7d5e8ee3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Feb 2024 13:50:00 GMT
Server: Apache
ETag: "2cedf-6120cd607b200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Sozu-Id: 01HVWH7PVRZMSEJDCZGKVK39X1
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 23716

GET
H/1.1 200
OK modernizr-20200819.js Show response
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/js/vendor/head/modernizr/ 8 KB
4 KB 66ms
23ms Script
text/javascript 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/js/vendor/head/modernizr/modernizr-20200819.js
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 7a9fa521a58ee93001981f3a7db498c589233d8cc616e8d09af0119388a865bc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Feb 2024 13:50:00 GMT
Server: Apache
ETag: "1e5c-6120cd607b200-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Sozu-Id: 01HVWH7PX58CRKTE7GFT88H1ZH
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3453

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 73ms
29ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 20 Apr 2024 01:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zgTRIDojRJmnmBTwUyI2Vw==
age: 78392
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Thu, 18 Apr 2024 12:14:40 GMT
server: cloudflare
etag: 0x8DC5FA11F9DF6DF
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 18a0208e-901e-0060-0caa-91451c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87714a992aca6fe2-CDG

GET
H2 200 launch-6cc731e967aa.min.js Show response
assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/ 124 KB
39 KB 117ms
30ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/launch-6cc731e967aa.min.js
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f053f049a78c3afbce0d34f57d0bea4a24f7964d0e1e45197a35c06124b5e357

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 01:16:52 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 12:08:14 GMT
server: AkamaiNetStorage
etag: "d5bf712a6ebd7590bb155ad6e1290f49:1700654894.794356"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 39144
expires: Sat, 20 Apr 2024 02:16:52 GMT

GET
H/1.1 200
OK modernizr-20200820.js Show response
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/js/vendor/head/modernizr/ 360 KB
122 KB 77ms
35ms Script
text/javascript 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/js/vendor/head/modernizr/modernizr-20200820.js
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 15c179af6a66be10fa288925824cbf9fea1e277066233e55425c119dd01db43e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Feb 2024 13:50:00 GMT
Server: Apache
ETag: "5a16d-6120cd607b200-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript
Sozu-Id: 01HVWH7PX55BP4WPCY9JRFQC4G
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK logo_text_de-20200819.svg
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/img/ 137 KB
19 KB 74ms
32ms Image
image/svg+xml 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/img/logo_text_de-20200819.svg
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Feb 2024 13:50:00 GMT
Server: Apache
ETag: "222c3-6120cd607b200-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Sozu-Id: 01HVWH7PX58YHAK4FYGAMPGRDN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19032

GET
H/1.1 200
OK logo-20200819.svg
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/img/ 7 KB
3 KB 67ms
25ms Image
image/svg+xml 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/img/logo-20200819.svg
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Feb 2024 13:50:00 GMT
Server: Apache
ETag: "1cce-6120cd607b200-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Sozu-Id: 01HVWH7PX540S7V4E7N9ZK9QXX
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2660

GET
H/1.1 200
OK loader-20200819.png
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/img/ 272 B
577 B 24ms
23ms Image
image/png 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/img/loader-20200819.png
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: f766c7457c6ec463eaa85778aa47261344f1772e0b7cf1987ad212f889f472f5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Last-Modified: Fri, 23 Feb 2024 13:50:00 GMT
Server: Apache
ETag: "110-6120cd607b200"
Content-Type: image/png
Sozu-Id: 01HVWH7PY02XSXCFP8SJ2ZM2WV
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 272

GET
H/1.1 200
OK jquery-20200819.js Show response
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/primefaces/jquery/ 95 KB
33 KB 29ms
29ms Script
text/javascript 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/primefaces/jquery/jquery-20200819.js
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 2b2485b0669a2f73c4846e82eb5a37421358591a8ac8ba21d8149bfb88adcbfb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Feb 2024 13:50:00 GMT
Server: Apache
ETag: "17c58-6120cd607b200-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Sozu-Id: 01HVWH7PY7RGDJF1DGKMN0NAZ1
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33859

GET
H/1.1 200
OK vendor.min-20200819.js Show response
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/js/vendor/ 178 KB
53 KB 32ms
32ms Script
text/javascript 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/js/vendor/vendor.min-20200819.js
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: f5e694ba6b63a657fae3f561dc0e8ae0247534616d9e844005d11d8ba2535338

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Feb 2024 13:50:00 GMT
Server: Apache
ETag: "2c719-6120cd607b200-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Sozu-Id: 01HVWH7PYZQNBRJQ1TS5VJ3R4M
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 54198

GET
H/1.1 200
OK swisspass.min-20200819.js Show response
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/js/ 97 KB
25 KB 29ms
29ms Script
text/javascript 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/js/swisspass.min-20200819.js
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 9c50211b34ab0377f3b35c243c98e402315127bfa5b51e147cb22c702174ca60

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Feb 2024 13:50:00 GMT
Server: Apache
ETag: "18410-6120cd607b200-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Sozu-Id: 01HVWH7PZRTCZXV5ZWF71HQ716
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 25419

GET
H2 200 SBBWeb-Light.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/ 14 KB
14 KB 112ms
50ms Font
application/font-woff2 18.159.58.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Light.woff2
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/css/normal/app/sso.min-20200819.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.58.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-58-138.eu-central-1.compute.amazonaws.com
Software: nginx/1.25.4 /
Resource Hash: 5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Origin: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 01:16:52 GMT
content-encoding: br
last-modified: Wed, 31 Jan 2024 10:14:44 GMT
server: nginx/1.25.4
etag: W/"65ba1d94-3784"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, private
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Sun, 20 Apr 2025 01:16:52 GMT

GET
H2 200 e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json Show response
cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ 4 KB
2 KB 102ms
62ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4edef10152ecacb7f62929c0496ed48941bfe8bea02e6449cf720ff030addfc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 20 Apr 2024 01:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: iwIpyq7vAuKwpHzHQHFt4g==
content-length: 1593
x-ms-lease-status: unlocked
last-modified: Thu, 28 Mar 2024 09:00:59 GMT
server: cloudflare
etag: 0x8DC4F059623FCE9
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4871abdc-901e-0012-12c0-924253000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87714a99abfbd408-CDG

POST receive_token
102.165.14.4/ 0
0

GET
H/1.1 404
Not Found login_bg.jpg
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/img/ 315 B
315 B 25ms
25ms Image
text/html 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/img/login_bg.jpg
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Server: Apache
Connection: Keep-Alive
Sozu-Id: 01HVWH7PYMMG1WZGDA2TYH34WC
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found icomoon.woff2
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/fonts/icomoon/ 0
0 25ms
25ms Font
text/html 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/fonts/icomoon/icomoon.woff2?7m5yri
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/css/normal/app/sso.min-20200819.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/css/normal/app/sso.min-20200819.css
Origin: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Server: Apache
Connection: Keep-Alive
Sozu-Id: 01HVWH7PXY9NWVXVRHPNABMXHE
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 86ms
44ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f7093b64cc148b96e3a8e1a8d849fcd4fda75781388e413014128f3dfffcf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept: application/json
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 01:16:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 87714a9a59390299-CDG
access-control-allow-headers: Content-Type

GET
H/1.1 404
Not Found icomoon.ttf
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/fonts/icomoon/ 0
0 22ms
22ms Font
text/html 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/fonts/icomoon/icomoon.ttf?7m5yri
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/css/normal/app/sso.min-20200819.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/css/normal/app/sso.min-20200819.css
Origin: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Server: Apache
Connection: Keep-Alive
Sozu-Id: 01HVWH7Q1B1ADCVZNSJ43RTF36
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found co-branding Show response
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/idp/ 196 B
433 B 21ms
21ms XHR
text/html 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/idp/co-branding?resource=co-branding&lang=de&provider=
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/primefaces/jquery/jquery-20200819.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Server: Apache
Connection: Keep-Alive
Sozu-Id: 01HVWH7Q1FSSNVF6WEHZ18ZEGV
Keep-Alive: timeout=5, max=98
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found icomoon.woff
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/fonts/icomoon/ 0
0 23ms
22ms Font
text/html 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/fonts/icomoon/icomoon.woff?7m5yri
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/css/normal/app/sso.min-20200819.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/css/normal/app/sso.min-20200819.css
Origin: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Server: Apache
Connection: Keep-Alive
Sozu-Id: 01HVWH7Q2Q2SD66Z217C7JFDG4
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/ 442 KB
107 KB 30ms
30ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 20 Apr 2024 01:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s7qm2vbmUNglr6Jt5k9KHA==
age: 45157
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 109676
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:35 GMT
server: cloudflare
etag: 0x8DC49752A75EB01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f463857b-001e-005d-3a08-7c3307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87714a9aab116fe2-CDG

GET
H2 200 de-ch.json Show response
cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ba92dbb5-02d7-443f-8481-b67e4427328b/ 48 KB
14 KB 58ms
58ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ba92dbb5-02d7-443f-8481-b67e4427328b/de-ch.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61026706307e88772f61f6e05d84bd06cc8763a9ddf08d74787b506860ea0aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 20 Apr 2024 01:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: 9een+dQKiHe9pgo7gEa5EQ==
content-length: 14574
x-ms-lease-status: unlocked
last-modified: Thu, 28 Mar 2024 09:01:04 GMT
server: cloudflare
etag: 0x8DC4F0599778E17
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7f798c5a-501e-0040-0ec0-923ebb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87714a9b0c5fd408-CDG

GET
H/1.1 200
OK favicon.ico
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/img/ 1 KB
517 B 23ms
23ms Other
image/x-icon 91.208.207.141
MAGICRETAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/img/favicon.ico?v=20140709-1126
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.208.207.141 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software: Apache /
Resource Hash: 7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 20 Apr 2024 01:16:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Feb 2024 13:50:00 GMT
Server: Apache
ETag: "47e-6120cd607b200-gzip"
Vary: Accept-Encoding
Content-Type: image/x-icon
Sozu-Id: 01HVWH7Q3F1HYH9QSR1XMPP72J
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 157

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 13 KB
3 KB 29ms
29ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 20 Apr 2024 01:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: KLWFssuowJEtDumTaVZD/A==
age: 33554
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3041
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:28 GMT
server: cloudflare
etag: 0x8DC497526A04834
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1a0d541c-101e-0041-3e70-926167000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87714a9b7c82d408-CDG

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/ 63 KB
13 KB 31ms
31ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 20 Apr 2024 01:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JqD83lHxEjWNdmDqKd9lzA==
age: 33554
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13599
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:31 GMT
server: cloudflare
etag: 0x8DC4975281E71C8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2d99b8d4-701e-0047-2170-9252d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87714a9b7c83d408-CDG

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 24 KB
4 KB 30ms
30ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 20 Apr 2024 01:16:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
age: 33554
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 77b5d4b5-301e-008d-2370-920e51000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87714a9b7c84d408-CDG

GET
H2 200 SBBWeb-Roman.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/ 14 KB
14 KB 29ms
29ms Font
application/font-woff2 18.159.58.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Roman.woff2
Requested by: Host: app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/css/normal/app/sso.min-20200819.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.58.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-58-138.eu-central-1.compute.amazonaws.com
Software: nginx/1.25.4 /
Resource Hash: 966a89b8080879ba41c6b9f15c5efb58182c33a0d2d1e08748beb554b28b4997

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Origin: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 01:16:52 GMT
content-encoding: br
last-modified: Wed, 31 Jan 2024 10:14:44 GMT
server: nginx/1.25.4
etag: W/"65ba1d94-3748"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, private
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Sun, 20 Apr 2025 01:16:52 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
490 B 29ms
28ms Fetch
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 20 Apr 2024 01:16:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 33554
x-ms-lease-status: unlocked
last-modified: Thu, 18 Apr 2024 19:47:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5342516e-601e-0016-6d70-92cf54000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87714a9bcc97d408-CDG

GET
H2 200 OneTrust_SwissPass_logo_mobile.png
cdn.cookielaw.org/logos/d8f340ef-178f-4257-9ea8-01744cfc5459/182f96bb-6fd6-41f6-bfd2-2807f1757dae/039a2007-c2e0-4340-8d2c-4e6f23342858/ 2 KB
2 KB 32ms
32ms Image
image/png 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/d8f340ef-178f-4257-9ea8-01744cfc5459/182f96bb-6fd6-41f6-bfd2-2807f1757dae/039a2007-c2e0-4340-8d2c-4e6f23342858/OneTrust_SwissPass_logo_mobile.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42fe383c86ab1185425bf334a44f9a311dd06d8ccf9e409d05b45dbe0bc48c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 20 Apr 2024 01:16:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zV4bfgG4WycWxZPXBvPm8g==
age: 18307
content-length: 1962
x-ms-lease-status: unlocked
last-modified: Wed, 03 Mar 2021 11:26:34 GMT
server: cloudflare
etag: 0x8D8DE3733F257B1
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 3ab3acff-b01e-0005-42fe-23eb58000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87714a9bcb5b6fe2-CDG

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 28ms
28ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 20 Apr 2024 01:16:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 24077
x-ms-lease-status: unlocked
last-modified: Thu, 18 Apr 2024 12:14:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 840d5794-701e-0035-3cc3-915597000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87714a9bcb5d6fe2-CDG

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 102.165.14.4
URL: http://102.165.14.4:5000/receive_token?referrer=loco

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/	1969-12-31 23:59:59	Name: PHPSESSID Value: 44e1eslh3p2ep4b1ev5q8u6tu1
			app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/	1970-01-21 04:45:11	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Apr+20+2024+03%3A16%3A52+GMT%2B0200+(heure+d%E2%80%99%C3%A9t%C3%A9+d%E2%80%99Europe+centrale)&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=10bebdd6-7758-4c5f-a737-d41bd1ea9248&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fapp-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io%2FSBB%2Findex%2F&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 2) Message: Mixed Content: The page at 'https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/' was loaded over HTTPS, but requested an insecure resource 'http://102.165.14.4:5000/receive_token?referrer=loco'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/img/login_bg.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/fonts/icomoon/icomoon.woff2?7m5yri Message: Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation	warning	URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/ Message: [DOM] Found 2 elements with non-unique id #login_button: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/idp/co-branding?resource=co-branding&lang=de&provider= Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/fonts/icomoon/icomoon.ttf?7m5yri Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io/SBB/index/resources/fonts/icomoon/icomoon.woff?7m5yri Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

102.165.14.4
app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io
assets.adobedtm.com
cdn.app.sbb.ch
cdn.cookielaw.org
geolocation.onetrust.com
102.165.14.4
18.159.58.138
2606:4700:4400::6812:2089
2606:4700::6813:b134
2a02:26f0:3500:587::1e80
91.208.207.141
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
15c179af6a66be10fa288925824cbf9fea1e277066233e55425c119dd01db43e
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
2b2485b0669a2f73c4846e82eb5a37421358591a8ac8ba21d8149bfb88adcbfb
39f7093b64cc148b96e3a8e1a8d849fcd4fda75781388e413014128f3dfffcf0
4edef10152ecacb7f62929c0496ed48941bfe8bea02e6449cf720ff030addfc2
4f22aa2ae02e38ea0ac63a6da6e1263c90da61c837aa45c16efa0055dbbfcf6c
51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61026706307e88772f61f6e05d84bd06cc8763a9ddf08d74787b506860ea0aaf
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
7a9fa521a58ee93001981f3a7db498c589233d8cc616e8d09af0119388a865bc
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
966a89b8080879ba41c6b9f15c5efb58182c33a0d2d1e08748beb554b28b4997
9c50211b34ab0377f3b35c243c98e402315127bfa5b51e147cb22c702174ca60
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909
df1e617507098c8826a05c6487106c27e13f067537dbaf4f44d0de4f7d5e8ee3
e42fe383c86ab1185425bf334a44f9a311dd06d8ccf9e409d05b45dbe0bc48c6
f053f049a78c3afbce0d34f57d0bea4a24f7964d0e1e45197a35c06124b5e357
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
f5e694ba6b63a657fae3f561dc0e8ae0247534616d9e844005d11d8ba2535338
f766c7457c6ec463eaa85778aa47261344f1772e0b7cf1987ad212f889f472f5

app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io Open in urlscan Pro 91.208.207.141 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

60 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

516 kBTransfer

1865 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app-449101a1-16c2-426d-84f5-c16e04babf17.cleverapps.io Open in urlscan Pro
91.208.207.141 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

516 kB
Transfer

1865 kB
Size

2
Cookies

31 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!