erlebnisbank-ag.dev.tonic.ag

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 81.201.201.134, located in Zermatt, Switzerland and belongs to BAR-AS Weidenweg 235, CH. The main domain is erlebnisbank-ag.dev.tonic.ag.
TLS certificate: Issued by R3 on May 6th 2024. Valid for: 3 months.

This is the only time erlebnisbank-ag.dev.tonic.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 3	81.201.201.134 81.201.201.134		25353 (BAR-AS We...) (BAR-AS Weidenweg 235)
2	2

3 81.201.201.134 (Zermatt, Switzerland) 1 redirects

ASN25353 (BAR-AS Weidenweg 235, CH)
PTR: ns1.tonic.ag

erlebnisbank-ag.dev.tonic.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	tonic.ag 1 redirects erlebnisbank-ag.dev.tonic.ag	144 KB
2	1

	Domain	Requested by
3	erlebnisbank-ag.dev.tonic.ag	1 redirects
2	1

This site contains links to these domains. Also see Links.

Domain
stackoverflow.com
www.google.com
www.yiiframework.com
httpd.apache.org
yiiframework.com
github.com

Subject Issuer	Validity	Valid
erlebnisbank-ag.dev.tonic.ag R3	`2024-05-06` - `2024-08-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://erlebnisbank-ag.dev.tonic.ag/home
Frame ID: F2FBF59FD9BF173E60D565569329B5D3
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Invalid Argument – yii\base\InvalidArgumentException

Page URL History Show full URLs

http://erlebnisbank-ag.dev.tonic.ag/ HTTP 307
https://erlebnisbank-ag.dev.tonic.ag/ HTTP 302
https://erlebnisbank-ag.dev.tonic.ag/home Page URL

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

143 kB
Transfer

160 kB
Size

2
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://stackoverflow.com/search?q=Invalid+path+alias%3A+%40hqfilepath%2F%2FImage+Bilder%2Fbankstelle_taesch_kindsein_erleben.jpg

Search URL Search Domain Scan URL

URL: https://www.google.com/search?q=Invalid+path+alias%3A+%40hqfilepath%2F%2FImage+Bilder%2Fbankstelle_taesch_kindsein_erleben.jpg

Search URL Search Domain Scan URL

URL: https://www.yiiframework.com/doc-2.0/yii-base-invalidargumentexception.html
Title: yii\base\InvalidArgumentException

Search URL Search Domain Scan URL

URL: https://www.yiiframework.com/doc-2.0/yii-baseyii.html#getAlias()-detail
Title: yii\BaseYii::getAlias

Search URL Search Domain Scan URL

URL: https://www.yiiframework.com/doc-2.0/yii-base-view.html#renderFile()-detail
Title: yii\base\View::renderFile

Search URL Search Domain Scan URL

URL: https://www.yiiframework.com/doc-2.0/yii-base-view.html#render()-detail
Title: yii\base\View::render

Search URL Search Domain Scan URL

URL: https://www.yiiframework.com/doc-2.0/yii-base-widget.html#render()-detail
Title: yii\base\Widget::render

Search URL Search Domain Scan URL

URL: https://www.yiiframework.com/doc-2.0/yii-base-controller.html#render()-detail
Title: yii\base\Controller::render

Search URL Search Domain Scan URL

URL: https://www.yiiframework.com/doc-2.0/yii-base-inlineaction.html#runWithParams()-detail
Title: yii\base\InlineAction::runWithParams

Search URL Search Domain Scan URL

URL: https://www.yiiframework.com/doc-2.0/yii-base-controller.html#runAction()-detail
Title: yii\base\Controller::runAction

Search URL Search Domain Scan URL

URL: https://www.yiiframework.com/doc-2.0/yii-base-module.html#runAction()-detail
Title: yii\base\Module::runAction

Search URL Search Domain Scan URL

URL: https://www.yiiframework.com/doc-2.0/yii-web-application.html#handleRequest()-detail
Title: yii\web\Application::handleRequest

Search URL Search Domain Scan URL

URL: https://www.yiiframework.com/doc-2.0/yii-base-application.html#run()-detail
Title: yii\base\Application::run

Search URL Search Domain Scan URL

URL: https://httpd.apache.org/
Title: Apache/2.4.55 (Ubuntu)

Search URL Search Domain Scan URL

URL: https://yiiframework.com/
Title: Yii Framework

Search URL Search Domain Scan URL

URL: https://github.com/yiisoft/yii2/
Title: 2.0.49.3

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://erlebnisbank-ag.dev.tonic.ag/ HTTP 307
https://erlebnisbank-ag.dev.tonic.ag/ HTTP 302
https://erlebnisbank-ag.dev.tonic.ag/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

500

Primary Request home Show response
erlebnisbank-ag.dev.tonic.ag/
Redirect Chain

http://erlebnisbank-ag.dev.tonic.ag/
https://erlebnisbank-ag.dev.tonic.ag/
https://erlebnisbank-ag.dev.tonic.ag/home

128 KB
128 KB

196ms
196ms

Document
text/html

81.201.201.134
BAR-AS Weidenweg 235

General

Check archive.org

Show headers Download Go to

Full URL

https://erlebnisbank-ag.dev.tonic.ag/home

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

81.201.201.134 Zermatt, Switzerland, ASN25353 (BAR-AS Weidenweg 235, CH),

Reverse DNS

ns1.tonic.ag

Software

Apache/2.4.55 (Ubuntu) /

Resource Hash

730a2a4b3e2b001ab39b0edd160256ed64e95b7abbcb3c4956820d5709564f12

Security Headers

Name

Value

Content-Security-Policy

default-src 'none'; media-src 'self' https://www.youtube.com https://youtu.be; script-src 'self' https://go.erlebnisbank.safechat.pro https://analytics.dev.tonic.ag https://www.googletagmanager.com https://connect.facebook.net 'unsafe-inline'; img-src 'self' blob: data: https://*.erlebnisbank.ch https://www.raiffeisen.ch https://*.cloudfront.net https://i.ytimg.com https://*.tile.openstreetmap.org; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.youtube.com https://go.erlebnisbank.safechat.pro https://www.youtube-nocookie.com/ https://player.vimeo.com/; connect-src 'self' https://go.erlebnisbank.safechat.pro https://www.google-analytics.com; manifest-src 'self'

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-security-policy: default-src 'none'; media-src 'self' https://www.youtube.com https://youtu.be; script-src 'self' https://go.erlebnisbank.safechat.pro https://analytics.dev.tonic.ag https://www.googletagmanager.com https://connect.facebook.net 'unsafe-inline'; img-src 'self' blob: data: https://*.erlebnisbank.ch https://www.raiffeisen.ch https://*.cloudfront.net https://i.ytimg.com https://*.tile.openstreetmap.org; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.youtube.com https://go.erlebnisbank.safechat.pro https://www.youtube-nocookie.com/ https://player.vimeo.com/; connect-src 'self' https://go.erlebnisbank.safechat.pro https://www.google-analytics.com; manifest-src 'self'
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 18:37:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.55 (Ubuntu)

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-security-policy: default-src 'none'; media-src 'self' https://www.youtube.com https://youtu.be; script-src 'self' https://go.erlebnisbank.safechat.pro https://analytics.dev.tonic.ag https://www.googletagmanager.com https://connect.facebook.net 'unsafe-inline'; img-src 'self' blob: data: https://*.erlebnisbank.ch https://www.raiffeisen.ch https://*.cloudfront.net https://i.ytimg.com https://*.tile.openstreetmap.org; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.youtube.com https://go.erlebnisbank.safechat.pro https://www.youtube-nocookie.com/ https://player.vimeo.com/; connect-src 'self' https://go.erlebnisbank.safechat.pro https://www.google-analytics.com; manifest-src 'self'
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 18:37:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://erlebnisbank-ag.dev.tonic.ag/home
pragma: no-cache
server: Apache/2.4.55 (Ubuntu)

GET
DATA 200
OK truncated
/ 397 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 720b04cd994e512573e2bb021c03d400cd673241e1224d5787618a74e0b88ec2

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 575 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18dbd9ea2b3020c84a3150dd9ad9149df11dfaad8f97fa131b82fc892d267265

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 518 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2eadf16ab00b3bea12ecbb3660a5b2548f32ccfa4e1f98fb80ce96b338a98b40

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da09fc3c3aaaac807143df45642c08d99a50a0f92b3eb1cb358c8b9d59b93bfe

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0b530a2c3a1ad634da3b12175806579805ee64f22d3b76d70c0b4ce8bf113ce

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 favicon.ico
erlebnisbank-ag.dev.tonic.ag/ 15 KB
15 KB 63ms
63ms Other
image/vnd.microsoft.icon 81.201.201.134
BAR-AS Weidenweg 235

General

Check archive.org

Show headers Download Go to

Full URL

https://erlebnisbank-ag.dev.tonic.ag/favicon.ico

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

81.201.201.134 Zermatt, Switzerland, ASN25353 (BAR-AS Weidenweg 235, CH),

Reverse DNS

ns1.tonic.ag

Software

Apache/2.4.55 (Ubuntu) /

Resource Hash

ddc8a9b0fec61a8da238ab3702581b4778c627a05cf0b328f7bf13a5836de307

Security Headers

Name

Value

Content-Security-Policy

default-src 'none'; media-src 'self' https://www.youtube.com https://youtu.be; script-src 'self' https://go.erlebnisbank.safechat.pro https://analytics.dev.tonic.ag https://www.googletagmanager.com https://connect.facebook.net 'unsafe-inline'; img-src 'self' blob: data: https://*.erlebnisbank.ch https://www.raiffeisen.ch https://*.cloudfront.net https://i.ytimg.com https://*.tile.openstreetmap.org; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.youtube.com https://go.erlebnisbank.safechat.pro https://www.youtube-nocookie.com/ https://player.vimeo.com/; connect-src 'self' https://go.erlebnisbank.safechat.pro https://www.google-analytics.com; manifest-src 'self'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://erlebnisbank-ag.dev.tonic.ag/home
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; media-src 'self' https://www.youtube.com https://youtu.be; script-src 'self' https://go.erlebnisbank.safechat.pro https://analytics.dev.tonic.ag https://www.googletagmanager.com https://connect.facebook.net 'unsafe-inline'; img-src 'self' blob: data: https://*.erlebnisbank.ch https://www.raiffeisen.ch https://*.cloudfront.net https://i.ytimg.com https://*.tile.openstreetmap.org; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.youtube.com https://go.erlebnisbank.safechat.pro https://www.youtube-nocookie.com/ https://player.vimeo.com/; connect-src 'self' https://go.erlebnisbank.safechat.pro https://www.google-analytics.com; manifest-src 'self'
date: Mon, 06 May 2024 18:37:02 GMT
last-modified: Thu, 11 May 2023 09:12:38 GMT
server: Apache/2.4.55 (Ubuntu)
etag: "3aee-5fb6763d86113"
access-control-allow-methods: POST,GET,OPTIONS
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: max-age=2678400, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 15086

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| hljs

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			erlebnisbank-ag.dev.tonic.ag/	1969-12-31 23:59:59	Name: erlebnisbank-frontend Value: udh2pgv4rlblbq599sqp3k2dt1
			erlebnisbank-ag.dev.tonic.ag/	1969-12-31 23:59:59	Name: _csrf-erlebnisbank Value: f29263fa89df70a08a715477a71037a48a5587d8d32a3c7cc4aadf8ee886e4f5a%3A2%3A%7Bi%3A0%3Bs%3A18%3A%22_csrf-erlebnisbank%22%3Bi%3A1%3Bs%3A32%3A%22zgmpPqMjJ4zgHahnw9mAHkfqnlJstKx5%22%3B%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://erlebnisbank-ag.dev.tonic.ag/home Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; media-src 'self' https://www.youtube.com https://youtu.be; script-src 'self' https://go.erlebnisbank.safechat.pro https://analytics.dev.tonic.ag https://www.googletagmanager.com https://connect.facebook.net 'unsafe-inline'; img-src 'self' blob: data: https://.erlebnisbank.ch https://www.raiffeisen.ch https://.cloudfront.net https://i.ytimg.com https://*.tile.openstreetmap.org; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.youtube.com https://go.erlebnisbank.safechat.pro https://www.youtube-nocookie.com/ https://player.vimeo.com/; connect-src 'self' https://go.erlebnisbank.safechat.pro https://www.google-analytics.com; manifest-src 'self'

Header

Value

Content-Security-Policy

default-src 'none'; media-src 'self' https://www.youtube.com https://youtu.be; script-src 'self' https://go.erlebnisbank.safechat.pro https://analytics.dev.tonic.ag https://www.googletagmanager.com https://connect.facebook.net 'unsafe-inline'; img-src 'self' blob: data: https://*.erlebnisbank.ch https://www.raiffeisen.ch https://*.cloudfront.net https://i.ytimg.com https://*.tile.openstreetmap.org; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.youtube.com https://go.erlebnisbank.safechat.pro https://www.youtube-nocookie.com/ https://player.vimeo.com/; connect-src 'self' https://go.erlebnisbank.safechat.pro https://www.google-analytics.com; manifest-src 'self'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

erlebnisbank-ag.dev.tonic.ag
81.201.201.134
18dbd9ea2b3020c84a3150dd9ad9149df11dfaad8f97fa131b82fc892d267265
2eadf16ab00b3bea12ecbb3660a5b2548f32ccfa4e1f98fb80ce96b338a98b40
720b04cd994e512573e2bb021c03d400cd673241e1224d5787618a74e0b88ec2
730a2a4b3e2b001ab39b0edd160256ed64e95b7abbcb3c4956820d5709564f12
da09fc3c3aaaac807143df45642c08d99a50a0f92b3eb1cb358c8b9d59b93bfe
ddc8a9b0fec61a8da238ab3702581b4778c627a05cf0b328f7bf13a5836de307
f0b530a2c3a1ad634da3b12175806579805ee64f22d3b76d70c0b4ce8bf113ce

erlebnisbank-ag.dev.tonic.ag Open in urlscan Pro 81.201.201.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

2 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

143 kBTransfer

160 kBSize

2 Cookies

16 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

erlebnisbank-ag.dev.tonic.ag Open in urlscan Pro
81.201.201.134 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

143 kB
Transfer

160 kB
Size

2
Cookies

2 HTTP transactions
5 data transactions