URL: https://cartecadeau-tp.ch/
Submission: On November 15 via api from CH — Scanned from CH

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 35 HTTP transactions. The main IP is 81.18.31.67, located in Switzerland and belonging to AS-NETRICS Switzerland, CH. The main domain is cartecadeau-tp.ch.
TLS certificate: Issued by R3 on October 19th 2023. Valid for: 3 months.
This is the only time cartecadeau-tp.ch was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Schweizerische Bundesbahnen (Transportation)

Domain & IP information

Requests  IP Address         AS (Autonomous System)
20        81.18.31.67        50785 (AS-NETRIC...)
9         2606:4700::68...   13335 (CLOUDFLAR...)
3         194.11.207.130     6730 (SUNRISE)
1         2606:4700:440...   13335 (CLOUDFLAR...)
2         54.93.101.139      16509 (AMAZON-02)
35 requests, 5 IPs
Requests  Apex Domain        Subdomains                                            Transfer
20        cartecadeau-tp.ch  cartecadeau-tp.ch                                     278 KB
9         cookielaw.org      cdn.cookielaw.org (Cisco Umbrella Rank: 342)          131 KB
3         bonuscard.ch       geschenkkarte.bonuscard.ch                            9 KB
2         sbb.ch             cdn.app.sbb.ch (Cisco Umbrella Rank: 474592)          29 KB
1         onetrust.com       geolocation.onetrust.com (Cisco Umbrella Rank: 590)   304 B
35 requests, 5 apex domains
Requests  Domain                      Requested by
20        cartecadeau-tp.ch           cartecadeau-tp.ch
9         cdn.cookielaw.org           cartecadeau-tp.ch, cdn.cookielaw.org
3         geschenkkarte.bonuscard.ch  cartecadeau-tp.ch, geschenkkarte.bonuscard.ch
2         cdn.app.sbb.ch              cartecadeau-tp.ch
1         geolocation.onetrust.com    cdn.cookielaw.org
35 requests, 5 domains
Subject                     Issuer                                   Validity                 Valid
geschenkkarte-oev.ch        R3                                       2023-10-19 - 2024-01-17  3 months (crt.sh)
cookielaw.org               Cloudflare Inc ECC CA-3                  2023-04-01 - 2024-03-31  a year (crt.sh)
geschenkkarte.bonuscard.ch  DigiCert TLS Hybrid ECC SHA384 2020 CA1  2023-09-11 - 2024-10-08  a year (crt.sh)
onetrust.com                Cloudflare Inc ECC CA-3                  2023-11-13 - 2024-11-12  a year (crt.sh)
*.app.sbb.ch                Amazon RSA 2048 M02                      2023-08-16 - 2024-09-13  a year (crt.sh)

This page contains 2 frames:

Primary Page: https://cartecadeau-tp.ch/
Frame ID: 4849EDE76C4CE9C638CEC19A7BA43796
Requests: 32 HTTP requests in this frame

Frame: https://geschenkkarte.bonuscard.ch/saldo/sbb/fr
Frame ID: C59E0A1613DF57023D99B89B1F5B3462
Requests: 3 HTTP requests in this frame

Page Title

Carte cadeau TP

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 35
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 447 kB
Size: 1128 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cartecadeau-tp.ch/
108 KB
20 KB
Document
General
Full URL
https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4dadb5c72084a041052b414d6be7bc0cd9142bbaae8be12c38ce72d7d5a9a111

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

cache-control
private
content-encoding
gzip
content-length
20660
content-type
text/html; charset=utf-8
date
Wed, 15 Nov 2023 00:04:11 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
OtAutoBlock.js
cdn.cookielaw.org/consent/7aa7698f-c1d4-472c-992f-ac51718e88aa-test/
3 KB
2 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/7aa7698f-c1d4-472c-992f-ac51718e88aa-test/OtAutoBlock.js
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c2ee5966d5d02c77aa624bf6c8f9ea1eed14d5079cef495cd574100d4c5114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Nov 2023 00:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
6byGgaSSKJQr6NewpgnxJg==
content-length
1342
x-ms-lease-status
unlocked
last-modified
Tue, 31 May 2022 15:11:51 GMT
server
cloudflare
etag
0x8DA4317E434E85E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
28753a86-601e-0074-4857-170d73000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
82633c4b4e8b2c45-FRA
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Nov 2023 00:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
R1P6TtSHAQZyvOSI/KawHw==
age
77244
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6821
x-ms-lease-status
unlocked
last-modified
Thu, 09 Nov 2023 14:41:49 GMT
server
cloudflare
etag
0x8DBE13201873ECE
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
615f4d5d-701e-0057-437a-1397b0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82633c4b4e8a2c45-FRA
style.css
cartecadeau-tp.ch/_css/
13 KB
4 KB
Stylesheet
General
Full URL
https://cartecadeau-tp.ch/_css/style.css
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
72b9bcd0c26d63b42493132dc3e28307818d5e70cc4e789e36a5bc143a9467b3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
content-encoding
gzip
last-modified
Tue, 20 Jun 2017 11:19:50 GMT
server
Microsoft-IIS/10.0
etag
"02bed21b7e9d21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4147
vehicle_icons.png
cartecadeau-tp.ch/_gfx/
5 KB
5 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/vehicle_icons.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
306b95653b1fc33af492bfe54ae2c8c6d38743701e2996125c742b8158b7847e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Tue, 23 Oct 2012 15:20:23 GMT
server
Microsoft-IIS/10.0
etag
"c9bf4cec31b1cd1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
5228
slider1.jpg
cartecadeau-tp.ch/_gfx/
66 KB
66 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/slider1.jpg
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
56964e2cedc0d302adeb78994467301d4a07f19f81edceaf2424fd48cd9dd4f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Tue, 23 Oct 2012 15:20:23 GMT
server
Microsoft-IIS/10.0
etag
"c4a926ec31b1cd1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
67540
slider2.jpg
cartecadeau-tp.ch/_gfx/
56 KB
56 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/slider2.jpg
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
80e26612990b68296feee4e90311e533803e70bfccf83ccb2de54bd6411d96e6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Tue, 23 Oct 2012 15:20:23 GMT
server
Microsoft-IIS/10.0
etag
"87773eec31b1cd1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
57732
logo_zentralbahn.png
cartecadeau-tp.ch/_gfx/
5 KB
5 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/logo_zentralbahn.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
04d904b918a07ea97ac3bbd6d491ef99520e9bae1a47bea1f0cb41b2e4169acf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Tue, 23 Oct 2012 15:20:21 GMT
server
Microsoft-IIS/10.0
etag
"81d5eeea31b1cd1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
4710
logo_rhb.png
cartecadeau-tp.ch/_gfx/
3 KB
3 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/logo_rhb.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d5e0fe8f1030704223fb595bf1d1e6e404010d6becd6e935b52e49014988745

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Wed, 14 Aug 2013 07:13:39 GMT
server
Microsoft-IIS/10.0
etag
"f38fafccbd98ce1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3148
logo_sbb.png
cartecadeau-tp.ch/_gfx/
5 KB
5 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/logo_sbb.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9760f491bb01d3c267e92829e9d6821c1b68315ac500d4fd70af72c87e5347a9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Tue, 23 Oct 2012 15:20:21 GMT
server
Microsoft-IIS/10.0
etag
"9de3cfea31b1cd1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
4934
logo_matterhorn.png
cartecadeau-tp.ch/_gfx/
8 KB
8 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/logo_matterhorn.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
271f0b1efef5a572d7fad4bad9ae68fac6bebdb5b3bc3489fb61dedb94010522

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Tue, 23 Oct 2012 15:20:21 GMT
server
Microsoft-IIS/10.0
etag
"5990aeea31b1cd1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
8174
logo_vbl.png
cartecadeau-tp.ch/_gfx/
2 KB
2 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/logo_vbl.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e0897488b61b7de35188b14f0319c8ed941614600cdb71bc0606f71605f589c3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Wed, 14 Aug 2013 07:13:39 GMT
server
Microsoft-IIS/10.0
etag
"16bfc9ccbd98ce1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2148
logo_transn.png
cartecadeau-tp.ch/_gfx/
3 KB
3 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/logo_transn.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f2ae38e4a70adbdbfe513fccd5b00006d1a3732360053be494fdd8bbb37d6b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Wed, 14 Aug 2013 07:13:39 GMT
server
Microsoft-IIS/10.0
etag
"35d8bdccbd98ce1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2978
logo_bls.png
cartecadeau-tp.ch/_gfx/
2 KB
3 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/logo_bls.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dd660b88c3605ff5874e0ad27fba59b82c14892807235fd43beff04e5a334229

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Wed, 14 Aug 2013 07:13:38 GMT
server
Microsoft-IIS/10.0
etag
"ef7989ccbd98ce1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
2555
logo_fb.png
cartecadeau-tp.ch/_gfx/
2 KB
2 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/logo_fb.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0fd3fa3763881a379fa60797e11deddb681a093d03128460c3f7b5c1073439d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Wed, 14 Aug 2013 07:13:38 GMT
server
Microsoft-IIS/10.0
etag
"52e69eccbd98ce1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
1734
logo_sob.jpg
cartecadeau-tp.ch/_gfx/
3 KB
3 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/logo_sob.jpg
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
771bc459969287f023fa9fdfce0631f8091dcfed85114ea747e5ee7304d1b797

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Mon, 16 Mar 2015 09:40:05 GMT
server
Microsoft-IIS/10.0
etag
"81e452fcd5fd01:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
3203
logo_zvv.png
cartecadeau-tp.ch/_gfx/
4 KB
4 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/logo_zvv.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4a8e20d00476a9e41d135e55becf0cc16fe26d4cdbda253623992f338bc9fb35

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Wed, 11 May 2022 21:00:28 GMT
server
Microsoft-IIS/10.0
etag
"5a4ea2247a65d81:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3690
jquery.js
cartecadeau-tp.ch/_js/
144 KB
60 KB
Script
General
Full URL
https://cartecadeau-tp.ch/_js/jquery.js
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1fa0b1f04f53593ab1a82f06c4cee7f07e8aae2a66063d5266945ede30c4f380

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
content-encoding
gzip
last-modified
Tue, 23 Oct 2012 15:20:24 GMT
server
Microsoft-IIS/10.0
etag
"cdd572ec31b1cd1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
61002
script.js
cartecadeau-tp.ch/_js/
6 KB
2 KB
Script
General
Full URL
https://cartecadeau-tp.ch/_js/script.js
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3363262f0c277ef8d489f3274273d8eba07dcc5df658e31bd33901e1b942fc36

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 09:40:54 GMT
server
Microsoft-IIS/10.0
etag
"41731b22991dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2241
7aa7698f-c1d4-472c-992f-ac51718e88aa-test.json
cdn.cookielaw.org/consent/7aa7698f-c1d4-472c-992f-ac51718e88aa-test/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/7aa7698f-c1d4-472c-992f-ac51718e88aa-test/7aa7698f-c1d4-472c-992f-ac51718e88aa-test.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535a79f72b67049db231ec2d3f05a55991858fbada4265c1b7c7708c98a67f7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Nov 2023 00:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
7IaMjoiyKeyvIIEZU81+1g==
content-length
1455
x-ms-lease-status
unlocked
last-modified
Tue, 31 May 2022 15:11:51 GMT
server
cloudflare
etag
0x8DA4317E43E35CF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c39225d6-f01e-0014-0657-1771ec000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
82633c4d7b602bd7-FRA
helveticaneue-ultralight-webfont.woff
cartecadeau-tp.ch/_webfonts/
23 KB
23 KB
Font
General
Full URL
https://cartecadeau-tp.ch/_webfonts/helveticaneue-ultralight-webfont.woff
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/_css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0aecab71c4a94eac159a91bebe60157c49b35d4cd41a21c7bf766308f8185b72

Request headers

Referer
https://www.google.com/
Origin
https://cartecadeau-tp.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Tue, 23 Oct 2012 15:20:29 GMT
server
Microsoft-IIS/10.0
etag
"e45071ef31b1cd1:0"
x-powered-by
ASP.NET
content-type
font/x-woff
accept-ranges
bytes
content-length
23908
fr
geschenkkarte.bonuscard.ch/saldo/sbb/ Frame C59E
3 KB
3 KB
Document
General
Full URL
https://geschenkkarte.bonuscard.ch/saldo/sbb/fr
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.207.130 , Switzerland, ASN6730 (SUNRISE, CH),
Reverse DNS
Software
Apache /
Resource Hash
81f963f0cd96eaa721f693620ace79cb853f9a42917f2ef41c7aa268a8a44e87
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; style-src 'self' 'unsafe-inline' ; img-src 'self' 'unsafe-inline' https://*.cornercard.ch; font-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net ; object-src 'none'; frame-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; frame-ancestors 'self' https://*.sbb.ch http://*.cartaregalo-tp.ch https://*.cartaregalo-tp.ch http://*.geschenkkarte-oev.ch https://*.geschenkkarte-oev.ch http://*.cartecadeau-tp.ch https://*.cartecadeau-tp.ch http://*.giftcard-pt.ch https://*.giftcard-pt.ch http://cartaregalo-tp.ch https://cartaregalo-tp.ch http://geschenkkarte-oev.ch https://geschenkkarte-oev.ch http://cartecadeau-tp.ch https://cartecadeau-tp.ch http://giftcard-pt.ch https://giftcard-pt.ch; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cartecadeau-tp.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

Cache-Control
no-cache="set-cookie, set-cookie2"
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
fr
Content-Length
1349
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; style-src 'self' 'unsafe-inline' ; img-src 'self' 'unsafe-inline' https://*.cornercard.ch; font-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net ; object-src 'none'; frame-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; frame-ancestors 'self' https://*.sbb.ch http://*.cartaregalo-tp.ch https://*.cartaregalo-tp.ch http://*.geschenkkarte-oev.ch https://*.geschenkkarte-oev.ch http://*.cartecadeau-tp.ch https://*.cartecadeau-tp.ch http://*.giftcard-pt.ch https://*.giftcard-pt.ch http://cartaregalo-tp.ch https://cartaregalo-tp.ch http://geschenkkarte-oev.ch https://geschenkkarte-oev.ch http://cartecadeau-tp.ch https://cartecadeau-tp.ch http://giftcard-pt.ch https://giftcard-pt.ch; block-all-mixed-content;
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Nov 2023 00:04:14 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
67 B
304 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e91e62490f19fae2907ddbfae2a95990ca18631d5386fa9de60311dd777ae4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.google.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
82633c4f5a211d8e-FRA
access-control-allow-headers
Content-Type
close_btn.png
cartecadeau-tp.ch/_gfx/
177 B
256 B
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/close_btn.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/_css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
55ba73a5f8938ec10f3d8f4d602d38ef054752aa92551a1c0f1a9a1b834bfb7a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Tue, 23 Oct 2012 15:20:20 GMT
server
Microsoft-IIS/10.0
etag
"345681ea31b1cd1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
177
pdf_btn.png
cartecadeau-tp.ch/_gfx/
3 KB
3 KB
Image
General
Full URL
https://cartecadeau-tp.ch/_gfx/pdf_btn.png
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/_css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.18.31.67 , Switzerland, ASN50785 (AS-NETRICS Switzerland, CH),
Reverse DNS
memnon.netrics.ch
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0885dcc952437657ba282b6a15492c41dc0a0439eed25d2408649cc7ababd8b0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:11 GMT
last-modified
Tue, 23 Oct 2012 15:20:21 GMT
server
Microsoft-IIS/10.0
etag
"a6f1ceb31b1cd1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
3461
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.32.0/
335 KB
79 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8bd28fee94c800df636a486d42ed91d2df89db1fd3e223d5e89ce3d9dd107fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Nov 2023 00:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ryfZhYsqLisJEnBsOqgVsQ==
age
78908
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
81095
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:23 GMT
server
cloudflare
etag
0x8DA08FC76466F7A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
efb898d2-001e-0072-0a7c-eb3ecc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82633c5019e52c45-FRA
fr-ch.json
cdn.cookielaw.org/consent/7aa7698f-c1d4-472c-992f-ac51718e88aa-test/ac855aaa-e29f-41f4-b911-18d17c47a640/
177 KB
19 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/7aa7698f-c1d4-472c-992f-ac51718e88aa-test/ac855aaa-e29f-41f4-b911-18d17c47a640/fr-ch.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3f3ba44cb5df6c8dda316ff71318d408a8ca61947f0f39b4579c9538e82cc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Nov 2023 00:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
c2/Lmu3Jemea11TN3OAlZA==
content-length
19773
x-ms-lease-status
unlocked
last-modified
Tue, 31 May 2022 15:11:54 GMT
server
cloudflare
etag
0x8DA4317E5CCD84B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
68b377ff-401e-0063-5b57-17a478000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
82633c50ade62bd7-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/6.32.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Nov 2023 00:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
8zrrRItZNMaEtuchK/ofwQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2959
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:14 GMT
server
cloudflare
etag
0x8DA08FC70DA836E
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c8a5836f-701e-009c-1557-1794e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82633c51ae912bd7-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/
48 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25f5cc4a39b2d6a0d908fe93f98f6f4e9b9a821a35547dd7b19504150db76f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Nov 2023 00:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
uYlRueaFtS5mhOymjGWFow==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11627
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:16 GMT
server
cloudflare
etag
0x8DA08FC723EC22F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
5328564d-101e-001c-3657-176be3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82633c51ae922bd7-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.32.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Nov 2023 00:04:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
content-md5
SHFDtZO2nDZuiPDW83p1IQ==
x-ms-lease-status
unlocked
last-modified
Fri, 18 Mar 2022 16:29:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
40cbe102-701e-008c-1c57-17518d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
82633c51ae932bd7-FRA
SBBWeb-Bold.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/
14 KB
15 KB
Font
General
Full URL
https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Bold.woff2
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
54.93.101.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-101-139.eu-central-1.compute.amazonaws.com
Software
nginx/1.23.2 /
Resource Hash
f069a80a8f0838dc76f55359c8599ee04d3c66004c6513de7cbf382df4bb59e2

Request headers

Referer
https://www.google.com/
Origin
https://cartecadeau-tp.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:13 GMT
content-encoding
br
last-modified
Fri, 17 Dec 2021 15:16:26 GMT
server
nginx/1.23.2
etag
W/"61bca9ca-37c0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public, private
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires
Thu, 14 Nov 2024 00:04:13 GMT
SBBWeb-Roman.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/
14 KB
14 KB
Font
General
Full URL
https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Roman.woff2
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
54.93.101.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-101-139.eu-central-1.compute.amazonaws.com
Software
nginx/1.23.2 /
Resource Hash
966a89b8080879ba41c6b9f15c5efb58182c33a0d2d1e08748beb554b28b4997

Request headers

Referer
https://www.google.com/
Origin
https://cartecadeau-tp.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 00:04:13 GMT
content-encoding
br
last-modified
Fri, 17 Dec 2021 15:16:26 GMT
server
nginx/1.23.2
etag
W/"61bca9ca-3748"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public, private
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires
Thu, 14 Nov 2024 00:04:13 GMT
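The two cdn.app.sbb.ch font responses above answer with Access-Control-Allow-Origin: * and, at the same time, Access-Control-Allow-Credentials: true. The fonts loaded because @font-face fetches run in CORS mode without credentials (the requests carried Origin: https://cartecadeau-tp.ch), so the wildcard alone satisfied the browser. For a credentialed request the same pair is rejected by every browser, which makes the credentials header dead configuration. The Python below is an added example, not code from urlscan.io or from SBB: it replays the Fetch standard's CORS check over the captured header values and flags the contradictory settings visible in the scan (the wildcard/credentials pair, the non-safe methods advertised for a static font, and a Cache-Control that says both public and private).

```python
"""Replay the browser's CORS decision for the cdn.app.sbb.ch font responses.

Added example, not code from urlscan.io or from SBB. The header values are
copied from the two SBBWeb-*.woff2 responses above; the decision rules are
the CORS check from the Fetch standard.
"""
from typing import Dict, List

# Response headers as captured above (identical for both fonts). Names are
# lower-cased, which is how a browser compares them.
SBB_FONT_HEADERS: Dict[str, str] = {
    "access-control-allow-origin": "*",
    "access-control-allow-credentials": "true",
    "access-control-allow-methods": "GET, POST, PUT, DELETE, OPTIONS",
    "access-control-allow-headers": (
        "Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,"
        "Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With"
    ),
    "cache-control": "max-age=31536000, public, private",
    "content-type": "application/font-woff2",
}

# The font requests above carried this Origin header.
EMBEDDER = "https://cartecadeau-tp.ch"


def cors_allows(headers: Dict[str, str], origin: str, credentials: bool) -> bool:
    """Return True if a browser would expose the response to a fetch from `origin`.

    Without credentials, '*' or the exact origin is sufficient. With credentials
    (cookies, client certificates, Authorization), '*' is rejected: the origin
    must be echoed exactly and Access-Control-Allow-Credentials must be the
    literal, case-sensitive string 'true'.
    """
    acao = headers.get("access-control-allow-origin")
    if acao is None:
        return False
    if not credentials:
        return acao == "*" or acao == origin
    return acao == origin and headers.get("access-control-allow-credentials") == "true"


def _csv(value: str) -> List[str]:
    """Split a comma-separated header value into trimmed, non-empty tokens."""
    return [item.strip() for item in value.split(",") if item.strip()]


def audit_cors(headers: Dict[str, str]) -> List[str]:
    """Flag contradictory or over-broad settings in one response's headers."""
    findings: List[str] = []
    acao = headers.get("access-control-allow-origin")
    acac = headers.get("access-control-allow-credentials")
    if acao == "*" and acac == "true":
        findings.append(
            "ACAO '*' with ACAC 'true': browsers reject this pair for credentialed "
            "requests, so the credentials flag never takes effect"
        )
    # Allow-Methods only matters for preflighted requests; a static font never
    # needs anything beyond GET, so advertising mutating methods is surplus.
    methods = set(_csv(headers.get("access-control-allow-methods", "")))
    extra = sorted(methods - {"GET", "HEAD", "OPTIONS"})
    if extra and headers.get("content-type", "").startswith(("font/", "application/font")):
        findings.append("static font advertises non-safe methods: " + ", ".join(extra))
    # RFC 9111: 'private' forbids shared caches from storing the response, so
    # combining it with 'public' leaves 'public' without effect.
    directives = set(_csv(headers.get("cache-control", "")))
    if {"public", "private"} <= directives:
        findings.append("Cache-Control lists both 'public' and 'private'")
    return findings


if __name__ == "__main__":
    print("anonymous @font-face fetch allowed:", cors_allows(SBB_FONT_HEADERS, EMBEDDER, False))
    print("credentialed fetch allowed:", cors_allows(SBB_FONT_HEADERS, EMBEDDER, True))
    for finding in audit_cors(SBB_FONT_HEADERS):
        print("-", finding)
```

The first call returns True and the second False, which is exactly what the scan shows: the fonts rendered, but nothing on this CDN could ever be fetched with credentials under these headers.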
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: cartecadeau-tp.ch
URL: https://cartecadeau-tp.ch/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Nov 2023 00:04:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
77061
x-ms-lease-status
unlocked
last-modified
Thu, 09 Nov 2023 14:41:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
67068720-f01e-0049-7aa0-137b68000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
82633c531b5e2c45-FRA
base.css
geschenkkarte.bonuscard.ch/gift/resources/css/sbb/ Frame C59E
3 KB
2 KB
Stylesheet
General
Full URL
https://geschenkkarte.bonuscard.ch/gift/resources/css/sbb/base.css
Requested by
Host: geschenkkarte.bonuscard.ch
URL: https://geschenkkarte.bonuscard.ch/saldo/sbb/fr
Protocol
HTTP/1.1
Security
TLS 1.3, AES_128_GCM
Server
194.11.207.130 , Switzerland, ASN6730 (SUNRISE, CH),
Reverse DNS
Software
Apache /
Resource Hash
db5d4b37c2b21da32081a01fade89e4b54978fe5ddf4e781791dd13f29792e9c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; style-src 'self' 'unsafe-inline' ; img-src 'self' 'unsafe-inline' https://*.cornercard.ch; font-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net ; object-src 'none'; frame-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; frame-ancestors 'self' https://*.sbb.ch http://*.cartaregalo-tp.ch https://*.cartaregalo-tp.ch http://*.geschenkkarte-oev.ch https://*.geschenkkarte-oev.ch http://*.cartecadeau-tp.ch https://*.cartecadeau-tp.ch http://*.giftcard-pt.ch https://*.giftcard-pt.ch http://cartaregalo-tp.ch https://cartaregalo-tp.ch http://geschenkkarte-oev.ch https://geschenkkarte-oev.ch http://cartecadeau-tp.ch https://cartecadeau-tp.ch http://giftcard-pt.ch https://giftcard-pt.ch; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 00:04:14 GMT
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; style-src 'self' 'unsafe-inline' ; img-src 'self' 'unsafe-inline' https://*.cornercard.ch; font-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net ; object-src 'none'; frame-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; frame-ancestors 'self' https://*.sbb.ch http://*.cartaregalo-tp.ch https://*.cartaregalo-tp.ch http://*.geschenkkarte-oev.ch https://*.geschenkkarte-oev.ch http://*.cartecadeau-tp.ch https://*.cartecadeau-tp.ch http://*.giftcard-pt.ch https://*.giftcard-pt.ch http://cartaregalo-tp.ch https://cartaregalo-tp.ch http://geschenkkarte-oev.ch https://geschenkkarte-oev.ch http://cartecadeau-tp.ch https://cartecadeau-tp.ch http://giftcard-pt.ch https://giftcard-pt.ch; block-all-mixed-content;
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 07 Jul 2022 10:01:00 GMT
Server
Apache
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Language
en-US
Content-Type
text/css
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
1128
X-XSS-Protection
1; mode=block
sbb.css
geschenkkarte.bonuscard.ch/gift/resources/css/sbb/ Frame C59E
9 KB
4 KB
Stylesheet
General
Full URL
https://geschenkkarte.bonuscard.ch/gift/resources/css/sbb/sbb.css
Requested by
Host: geschenkkarte.bonuscard.ch
URL: https://geschenkkarte.bonuscard.ch/saldo/sbb/fr
Protocol
HTTP/1.1
Security
TLS 1.3, AES_128_GCM
Server
194.11.207.130 , Switzerland, ASN6730 (SUNRISE, CH),
Reverse DNS
Software
Apache /
Resource Hash
26cc2d386f4fa411f75f4d3dc39d28b7d7c5aa9d63f7b87516c80b0adccd084d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; style-src 'self' 'unsafe-inline' ; img-src 'self' 'unsafe-inline' https://*.cornercard.ch; font-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net ; object-src 'none'; frame-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; frame-ancestors 'self' https://*.sbb.ch http://*.cartaregalo-tp.ch https://*.cartaregalo-tp.ch http://*.geschenkkarte-oev.ch https://*.geschenkkarte-oev.ch http://*.cartecadeau-tp.ch https://*.cartecadeau-tp.ch http://*.giftcard-pt.ch https://*.giftcard-pt.ch http://cartaregalo-tp.ch https://cartaregalo-tp.ch http://geschenkkarte-oev.ch https://geschenkkarte-oev.ch http://cartecadeau-tp.ch https://cartecadeau-tp.ch http://giftcard-pt.ch https://giftcard-pt.ch; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 00:04:14 GMT
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; style-src 'self' 'unsafe-inline' ; img-src 'self' 'unsafe-inline' https://*.cornercard.ch; font-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net ; object-src 'none'; frame-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; frame-ancestors 'self' https://*.sbb.ch http://*.cartaregalo-tp.ch https://*.cartaregalo-tp.ch http://*.geschenkkarte-oev.ch https://*.geschenkkarte-oev.ch http://*.cartecadeau-tp.ch https://*.cartecadeau-tp.ch http://*.giftcard-pt.ch https://*.giftcard-pt.ch http://cartaregalo-tp.ch https://cartaregalo-tp.ch http://geschenkkarte-oev.ch https://geschenkkarte-oev.ch http://cartecadeau-tp.ch https://cartecadeau-tp.ch http://giftcard-pt.ch https://giftcard-pt.ch; block-all-mixed-content;
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 07 Jul 2022 10:01:00 GMT
Server
Apache
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Language
en-US
Content-Type
text/css
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
2284
X-XSS-Protection
1; mode=block
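The Content-Security-Policy above is what lets the balance checker at geschenkkarte.bonuscard.ch be framed from cartecadeau-tp.ch and the other gift-card hostnames while refusing any other ancestor; when triaging the "Phishing against: Schweizerische Bundesbahnen" verdict below, this allow-list is the page's own evidence that the balance service expects to be embedded by cartecadeau-tp.ch. Three details matter when reading it. A wildcard source such as https://*.cartecadeau-tp.ch covers subdomains only, not the apex, which is why every apex is listed separately. The http:// entries also permit embedding from a plaintext-HTTP parent page on those hosts (the Strict-Transport-Security header here protects only the bonuscard host). And 'unsafe-inline' in img-src, font-src and frame-src has no effect; the keyword only means something in script-src and style-src (their -elem/-attr variants, or default-src as their fallback). The Python below is an added example, not code from urlscan.io, SBB or Bonuscard: it parses the policy string copied from the page and evaluates frame-ancestors against candidate embedding origins using CSP Level 3 scheme, host and port matching (port handling reduced to default-port comparison; X-Frame-Options, which is not shown on this page, is not modelled).

```python
"""Evaluate the frame-ancestors policy returned by geschenkkarte.bonuscard.ch.

Added example, not code from urlscan.io, SBB or Bonuscard. The policy string is
copied verbatim from the Content-Security-Policy header above; matching follows
CSP Level 3 (scheme-part, host-part and port-part), with port handling reduced
to default-port comparison. X-Frame-Options is not modelled.
"""
from typing import Dict, List, Optional, Tuple

BONUSCARD_CSP = (
    "default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; "
    "style-src 'self' 'unsafe-inline' ; img-src 'self' 'unsafe-inline' https://*.cornercard.ch; "
    "font-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net ; object-src 'none'; "
    "frame-src 'self' 'unsafe-inline' https://cdn.app.sbb-aws.net; "
    "frame-ancestors 'self' https://*.sbb.ch http://*.cartaregalo-tp.ch https://*.cartaregalo-tp.ch "
    "http://*.geschenkkarte-oev.ch https://*.geschenkkarte-oev.ch http://*.cartecadeau-tp.ch "
    "https://*.cartecadeau-tp.ch http://*.giftcard-pt.ch https://*.giftcard-pt.ch "
    "http://cartaregalo-tp.ch https://cartaregalo-tp.ch http://geschenkkarte-oev.ch "
    "https://geschenkkarte-oev.ch http://cartecadeau-tp.ch https://cartecadeau-tp.ch "
    "http://giftcard-pt.ch https://giftcard-pt.ch; block-all-mixed-content;"
)

# Origin of the document that carries the policy: the framed balance page.
SELF_ORIGIN = "https://geschenkkarte.bonuscard.ch"

DEFAULT_PORTS = {"http": 80, "https": 443}

# 'unsafe-inline' only has meaning in these directives (default-src acting as
# their fallback); anywhere else the browser ignores it.
INLINE_DIRECTIVES = {
    "default-src", "script-src", "script-src-elem", "script-src-attr",
    "style-src", "style-src-elem", "style-src-attr",
}


def parse_csp(policy: str) -> Dict[str, List[str]]:
    """Serialized policy -> {directive name: [source expressions]}.
    A repeated directive is ignored, as browsers do (the first one wins)."""
    directives: Dict[str, List[str]] = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), tokens[1:])
    return directives


def split_origin(value: str) -> Tuple[str, str, Optional[int]]:
    """'scheme://host[:port][/...]' -> (scheme, host, explicit port or None).
    Also used on source expressions, so the host part may contain '*'."""
    scheme, _, rest = value.partition("://")
    host, _, port = rest.split("/", 1)[0].partition(":")
    return scheme.lower(), host.lower(), (int(port) if port else None)


def _normalize(origin: str) -> Tuple[str, str, Optional[int]]:
    """Like split_origin, but with the scheme's default port filled in."""
    scheme, host, port = split_origin(origin)
    return scheme, host, port if port is not None else DEFAULT_PORTS.get(scheme)


def source_matches(source: str, origin: str, self_origin: str) -> bool:
    """Does one frame-ancestors source expression match an embedding origin?"""
    o_scheme, o_host, o_port = _normalize(origin)
    if source == "'self'":
        return _normalize(self_origin) == (o_scheme, o_host, o_port)
    if source.startswith("'"):            # 'none' and other keywords match no URL
        return False
    if "://" not in source:               # scheme-source such as "https:"
        s_scheme = source.rstrip(":").lower()
        return s_scheme == o_scheme or (s_scheme == "http" and o_scheme == "https")
    s_scheme, s_host, s_port = split_origin(source)
    # scheme-part: an http source also matches https (upgrade), never the reverse
    if not (s_scheme == o_scheme or (s_scheme == "http" and o_scheme == "https")):
        return False
    # host-part: '*.example' covers subdomains only, never the apex itself
    if s_host.startswith("*."):
        if not o_host.endswith(s_host[1:]):
            return False
    elif s_host != "*" and s_host != o_host:
        return False
    # port-part: no port in the source means the origin must use its scheme's default
    if s_port is None:
        return o_port == DEFAULT_PORTS.get(o_scheme)
    return s_port == o_port


def frame_allowed(policy: str, origin: str, self_origin: str) -> bool:
    """May a document at `origin` embed the page that sent `policy`?"""
    sources = parse_csp(policy).get("frame-ancestors")
    if sources is None:
        return True                       # no frame-ancestors: CSP imposes no limit
    return any(source_matches(s, origin, self_origin) for s in sources)


def ineffective_unsafe_inline(policy: str) -> List[str]:
    """Directives where 'unsafe-inline' appears but browsers ignore it."""
    return sorted(
        name for name, sources in parse_csp(policy).items()
        if "'unsafe-inline'" in sources and name not in INLINE_DIRECTIVES
    )


if __name__ == "__main__":
    for candidate in ("https://cartecadeau-tp.ch", "http://cartecadeau-tp.ch", "https://www.sbb.ch",
                      "https://sbb.ch", "https://cartecadeau-tp.ch.evil.example"):
        print(f"{candidate:45} {frame_allowed(BONUSCARD_CSP, candidate, SELF_ORIGIN)}")
    print("no-op 'unsafe-inline' in:", ineffective_unsafe_inline(BONUSCARD_CSP))
```

Run as is, the script reports that both https://cartecadeau-tp.ch and http://cartecadeau-tp.ch may frame the balance page, that https://www.sbb.ch may but https://sbb.ch may not (the wildcard does not reach the apex), that a look-alike such as https://cartecadeau-tp.ch.evil.example is refused, and that 'unsafe-inline' is a no-op in font-src, frame-src and img-src.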

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
object | 1
object | documentPictureInPicture
object | OneTrustStub
function | OptanonWrapper
function | $
function | jQuery
function | ShowOverlay
function | CloseOverlay
function | ResetOverlayPager
function | SetActiveColor
function | SetInactiveColors
function | ResetColors
object | jQuery18205232113908329084
string | OnetrustActiveGroups
string | OptanonActiveGroups
object | dataLayer
object | otStubData
object | Optanon
object | OneTrust

3 Cookies

Domain/Path Name / Value
cartecadeau-tp.ch/ Name: ASP.NET_SessionId
Value: ypuzitsdeoau4kkfkntlhs1i
cartecadeau-tp.ch/ Name: _SBB Geschenkkarte_LANGUAGE
Value: 2
cartecadeau-tp.ch/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Nov+15+2023+01%3A04%3A13+GMT%2B0100+(Central+European+Standard+Time)&version=6.32.0&hosts=&consentId=6b0b2450-7979-4a9a-befe-b666630388c1&interactionCount=0&landingPath=https%3A%2F%2Fcartecadeau-tp.ch%2F&groups=C0001%3A1

3 Console Messages

Source Level URL
Text
rendering warning URL: https://cartecadeau-tp.ch/(Line 12)
Message:
The value "970px" for key "width" was truncated to its numeric prefix.
rendering error URL: https://geschenkkarte.bonuscard.ch/saldo/sbb/fr(Line 61)
Message:
Error: <path> attribute d: Expected path command, "…3.1.7-.7 4.3 4.2y".
rendering error URL: https://geschenkkarte.bonuscard.ch/saldo/sbb/fr(Line 67)
Message:
Error: <path> attribute d: Expected path command, "…3.1.7-.7 4.3 4.2y".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cartecadeau-tp.ch
cdn.app.sbb.ch
cdn.cookielaw.org
geolocation.onetrust.com
geschenkkarte.bonuscard.ch
194.11.207.130
2606:4700:4400::6812:2089
2606:4700::6812:82ec
54.93.101.139
81.18.31.67