postfinance-sicherhei-ch.com
2a02:4780:8:880:0:3142:2f9:1  Malicious Activity! Public Scan

URL: https://postfinance-sicherhei-ch.com/
Submission Tags: 7608965
Submission: On July 20 via api from NL — Scanned from NL

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 2a02:4780:8:880:0:3142:2f9:1, located in Cyprus and belongs to AS-HOSTINGER, CY. The main domain is postfinance-sicherhei-ch.com.
TLS certificate: Issued by R3 on July 20th 2022. Valid for: 3 months.
This is the only time postfinance-sicherhei-ch.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PostFinance (Banking)

Domain & IP information

Requests  IP Address        AS Autonomous System
21        2a02:4780:8:8...  47583 (AS-HOSTINGER)
2         2a00:17c9:0:8...  12511 (CH-POSTNE...)
23        3

Requests  Apex Domain / Subdomains                            Transfer
21        postfinance-sicherhei-ch.com                        659 KB
            postfinance-sicherhei-ch.com
2         postfinance.ch                                      121 KB
            www.postfinance.ch — Cisco Umbrella Rank: 622723
23        2

Requests  Domain                        Requested by
21        postfinance-sicherhei-ch.com  postfinance-sicherhei-ch.com
2         www.postfinance.ch            postfinance-sicherhei-ch.com
23        2

This site contains no links.

Subject                       Issuer                           Validity                 Valid
postfinance-sicherhei-ch.com  R3                               2022-07-20 - 2022-10-18  3 months
www.postfinance.ch            SwissSign EV Gold CA 2014 - G22  2021-10-14 - 2022-10-14  a year

This page contains 1 frames:

Primary Page: https://postfinance-sicherhei-ch.com/
Frame ID: 370A4EC4B963081A8ADD7A44BF476E7A
Requests: 26 HTTP requests in this frame

Page Title

PostFinance - E-financeOops, something lost

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 871 kB
Size: 3369 kB
Cookies: 15

23 HTTP transactions

Resource / Path   Size   x-fer   Type / MIME-Type
Primary Request /
postfinance-sicherhei-ch.com/
154 KB
103 KB
Document
General
Full URL
https://postfinance-sicherhei-ch.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.30
Resource Hash
0578d0d3331b443b5aee2b23e65e98406ae30c0969b2bb750f74102054ee8668
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 17:51:53 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.30
all.hv.min.css
postfinance-sicherhei-ch.com/index_files/
613 KB
65 KB
Stylesheet
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/all.hv.min.css
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
67e7db3e316c95e8dc2f9221897f443717e574047c83a3e1747126678a44158d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:53 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"99491-62d81ec3-4755af945030530c;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
66816
expires
Wed, 27 Jul 2022 17:51:53 GMT
all.hv.mobile.min.css
postfinance-sicherhei-ch.com/index_files/
611 KB
68 KB
Stylesheet
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/all.hv.mobile.min.css
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d0914c4c53c703c789f42965be5b05d04171cbe36bb44ab9bf6696ad03f07d17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:53 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"98c45-62d81ec3-6877b027595d51c6;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
69291
expires
Wed, 27 Jul 2022 17:51:53 GMT
all.ef.min.js
postfinance-sicherhei-ch.com/index_files/
192 KB
60 KB
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/all.ef.min.js
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e5aae9816566b9b6f03fdf031c253e77375787570214631cba31087468dab48d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:53 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"3016f-62d81ec3-cfe2d0a5feacd554;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
61187
expires
Wed, 27 Jul 2022 17:51:53 GMT
all.hv.min.js
postfinance-sicherhei-ch.com/index_files/
207 KB
52 KB
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/all.hv.min.js
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3b6aef845effa067e4cdfff6a2fa96ce9a6409543bea3d5474fb99aaabf5c315
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:53 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"33bf7-62d81ec3-2a85832a422e9afe;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
53532
expires
Wed, 27 Jul 2022 17:51:53 GMT
pfunblulegacy.js
postfinance-sicherhei-ch.com/index_files/
499 KB
80 KB
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/pfunblulegacy.js
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ea8d70c5bb432cc84e8e5e0db99d128dac1c13f1d9d45d4dcba3d5151826310c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:53 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"7cc2d-62d81ec3-e8858f4349f706f;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
81466
expires
Wed, 27 Jul 2022 17:51:53 GMT
unblu.integration.component.min.js
postfinance-sicherhei-ch.com/index_files/
49 KB
8 KB
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/unblu.integration.component.min.js
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c0e5e6227c874ed32064d5705feef3fe25c48de60395122e9652831800489826
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:53 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"c5a4-62d81ec3-5efa7dd1e8b530fc;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
8153
expires
Wed, 27 Jul 2022 17:51:53 GMT
unblu.interceptor.min.js
postfinance-sicherhei-ch.com/index_files/
6 KB
2 KB
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/unblu.interceptor.min.js
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7e88448fe82b77cc4944eeed74592c9e299d66ae8b0e2f9f7a8bd320e157e033
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:53 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"1661-62d81ec3-46ceb04dd5d84ccc;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
1672
expires
Wed, 27 Jul 2022 17:51:53 GMT
visitor.js
postfinance-sicherhei-ch.com/index_files/
2 KB
1 KB
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/visitor.js
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
eb531334a6f32cab9a1c15ab18d36f3cc66e773c76e6abce1c9a7164af7e9a0a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:53 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"998-62d81ec3-747de7aada5fe6d7;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
1018
expires
Wed, 27 Jul 2022 17:51:53 GMT
Initializer.js
postfinance-sicherhei-ch.com/index_files/
7 KB
3 KB
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/Initializer.js
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6f45613e1f69a8c4b24f4f8594f55ecf6d35d89c13138579a3fec5b935ee1996
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:54 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"1bc7-62d81ec3-87632be60e4be7c9;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
2562
expires
Wed, 27 Jul 2022 17:51:54 GMT
SiteIntegrationLazyMain.cfg
postfinance-sicherhei-ch.com/index_files/
14 KB
3 KB
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/SiteIntegrationLazyMain.cfg
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
112c6c4c1e245cfdc4c4786c0212b4e725a63b85124743aaf69592b9b3e37c03
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:54 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"38db-62d81ec3-b69a4e4f127d8b88;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
3465
SiteIntegrationLazyMain.js
postfinance-sicherhei-ch.com/index_files/
700 KB
172 KB
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/SiteIntegrationLazyMain.js
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
751da8f18cc3e46517eb28bfd9d72b266b601267650472caeda3a36809bbcbae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:54 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"af049-62d81ec3-c5b4122f76249fd6;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
176279
expires
Wed, 27 Jul 2022 17:51:54 GMT
jquery.js
postfinance-sicherhei-ch.com/index_files/
87 KB
29 KB
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/jquery.js
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:53 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"15d9d-62d81ec3-d6e481d3cb64a4fa;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
30021
expires
Wed, 27 Jul 2022 17:51:53 GMT
logo.png
postfinance-sicherhei-ch.com/index_files/
6 KB
6 KB
Image
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/logo.png
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6e2341a524af81d8b9362e829287bede024d49eb00f2983f39ef3e8675614ac6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:54 GMT
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
etag
"1794-62d81ec3-62c35a3583c4c027;;;"
content-type
image/png
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
6036
expires
Wed, 27 Jul 2022 17:51:54 GMT
statistics
postfinance-sicherhei-ch.com/index_files/
4 KB
4 KB
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/statistics
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0ed422d6d048aca37eb3c0ab7d4b824bc16d24b38024d0b48ba8cc26de2595fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
etag
"1186-62d81ec3-86494a3069a74c20;;;"
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
accept-ranges
bytes
date
Wed, 20 Jul 2022 17:51:54 GMT
content-length
4486
stats
postfinance-sicherhei-ch.com/index_files/
101 B
145 B
Script
General
Full URL
https://postfinance-sicherhei-ch.com/index_files/stats
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
12f64ad6ca5e7436e96ffce9665a3fc82692b3ad10dbb94c3475ebe021b0c1b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
etag
"65-62d81ec3-dbc3062c392bc91;;;"
last-modified
Wed, 20 Jul 2022 15:26:59 GMT
server
LiteSpeed
accept-ranges
bytes
date
Wed, 20 Jul 2022 17:51:54 GMT
content-length
101
truncated
/
392 B
392 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d57b7c65343639b61a2d188404fd4299d7a1e76d6449c12c8b6cda54d6b5467a

Request headers

Referer
Origin
https://postfinance-sicherhei-ch.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
application/font-woff2
unblu.interceptor.min.js
postfinance-sicherhei-ch.com/sc/
0
0
Script
General
Full URL
https://postfinance-sicherhei-ch.com/sc/unblu.interceptor.min.js
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/index_files/unblu.integration.component.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:54 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 09:14:12 GMT
server
LiteSpeed
etag
"999-6253f164-308801989c19e124;br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
912
truncated
/
53 KB
53 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56357c655153f3e1fa0b40233b0aaadedaa0293479322c33f8bf2de499278c7d

Request headers

Referer
Origin
https://postfinance-sicherhei-ch.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
icons--sprite.png
www.postfinance.ch/sc/fp/1/static/fipo/ux/img/
119 KB
120 KB
Image
General
Full URL
https://www.postfinance.ch/sc/fp/1/static/fipo/ux/img/icons--sprite.png
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/index_files/all.hv.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:17c9:0:8103::20c , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
f7ab85d108404ce04f57561886170bb64f90ca6ffc0de468508483c52d99171c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 11 May 2022 09:26:51 GMT
server
Apache
date
Wed, 20 Jul 2022 17:51:54 GMT
expect-ct
enforce,max-age=2592000,report-uri="https://universal.postfinance.ch/report"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400, s-maxage=86400
x_ok_trid
2a00163002602-001f53-15ac2851-1821cbcd7b5-0014cff9-49706
x-content-type-options
nosniff
x-xss-protection
1; mode=block
input-border-left.png
www.postfinance.ch/sc/fp/1/static/fipo/ux/img/images/
942 B
1023 B
Image
General
Full URL
https://www.postfinance.ch/sc/fp/1/static/fipo/ux/img/images/input-border-left.png
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/index_files/all.hv.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:17c9:0:8103::20c , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Apache /
Resource Hash
02eb02cdb556defb1b4e160fff6868045f5d2f83fb7da6f8bb6b9b8dda23bb58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 11 May 2022 09:26:51 GMT
server
Apache
date
Wed, 20 Jul 2022 17:51:54 GMT
expect-ct
enforce,max-age=2592000,report-uri="https://universal.postfinance.ch/report"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400, s-maxage=86400
x_ok_trid
2a00163002602-001f53-15ac2851-1821cbcd7b5-0014cffa-49706
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/
38 KB
38 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b2729855b2bb5f1ba5a1873ee019b01fde1e56500d2d83677556f0df3f346b

Request headers

Referer
Origin
https://postfinance-sicherhei-ch.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
Initializer.js
postfinance-sicherhei-ch.com/ap/ga/ub/static/js/wp/xmd1645372553448/
0
0
Script
General
Full URL
https://postfinance-sicherhei-ch.com/ap/ga/ub/static/js/wp/xmd1645372553448/Initializer.js
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/index_files/visitor.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:54 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 09:14:12 GMT
server
LiteSpeed
etag
"999-6253f164-308801989c19e124;br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
912
SiteIntegrationLazyMain.cfg
postfinance-sicherhei-ch.com/ap/ga/ub/config/xmd1645372553448/all/fr/null/en-GB/https$postfinance-sicherhei-ch.com/MZsy5sFESYqU7MawXZgR_w/null/null/null/
0
0
Script
General
Full URL
https://postfinance-sicherhei-ch.com/ap/ga/ub/config/xmd1645372553448/all/fr/null/en-GB/https$postfinance-sicherhei-ch.com/MZsy5sFESYqU7MawXZgR_w/null/null/null/SiteIntegrationLazyMain.cfg
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/index_files/Initializer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:54 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 09:14:12 GMT
server
LiteSpeed
etag
"999-6253f164-308801989c19e124;br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
912
statistics.gif
postfinance-sicherhei-ch.com/ef/public/cc/pics/
2 KB
929 B
XHR
General
Full URL
https://postfinance-sicherhei-ch.com/ef/public/cc/pics/statistics.gif?s=./index_files/all.ef.min.js,./index_files/all.hv.min.js,./index_files/pfunblulegacy.js,./index_files/unblu.integration.component.min.js,/sc/unblu.interceptor.min.js,./index_files/unblu.interceptor.min.js,./index_files/visitor.js,./index_files/Initializer.js,./index_files/SiteIntegrationLazyMain.cfg,./index_files/SiteIntegrationLazyMain.js,index_files/jquery.js,https://postfinance-sicherhei-ch.com/ap/ga/ub/config/xmd1645372553448/all/fr/null/en-GB/https$postfinance-sicherhei-ch.com/MZsy5sFESYqU7MawXZgR_w/null/null/null/SiteIntegrationLazyMain.cfg,./index_files/statistics,./index_files/stats
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/index_files/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Accept
*/*
Referer
https://postfinance-sicherhei-ch.com/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:54 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 09:14:12 GMT
server
LiteSpeed
etag
"999-6253f164-308801989c19e124;br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
912
data-woff2.css
postfinance-sicherhei-ch.com/sc/fp/1/static/fipo/ux/fonts/
2 KB
929 B
XHR
General
Full URL
https://postfinance-sicherhei-ch.com/sc/fp/1/static/fipo/ux/fonts/data-woff2.css
Requested by
Host: postfinance-sicherhei-ch.com
URL: https://postfinance-sicherhei-ch.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:8:880:0:3142:2f9:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://postfinance-sicherhei-ch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 17:51:54 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 09:14:12 GMT
server
LiteSpeed
etag
"999-6253f164-308801989c19e124;br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
912

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PostFinance (Banking)

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| submitenter function| noenter function| findLabelFor function| enableFormElement function| disableFormElement function| getPageLanugage function| drucken function| deactivate_button function| base64_encode function| makeHTMLEntities function| exportPDF function| isCapslock function| toggleLoginMethod function| amsBridge function| setupLogin function| cleanupFipoTextResources function| doesFontExist function| fontDetection function| ef001 function| openContentOverlay function| requirejs function| require function| requireAsync function| define function| P object| Modernizr function| $ function| jQuery boolean| isApp boolean| isTouch boolean| isMobileApp object| pf object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime object| nnUnblu object| unblu object| unbluIntegrationComponent boolean| isMobile boolean| isOkepa boolean| isQr function| setUpInfoMsgs number| t object| d boolean| hasError function| checkusername function| forgotPassword function| loginAbort function| checksaved string| str number| index string| x-unblu-tmp-window-name object| _unblu_572F594F_21AA_4D30_8081_40F2793592AF string| _unblu_572F594F_21AA_4D30_8081_40F2793592AF253744e3-1874_4669_b286_e7ecf75aeb5f string| webGlRenderer string| webGlVendor object| canvas object| gl string| browserWindowSize number| farbtiefe object| debugInfo object| webpackChunkcom_unblu_meta_server_webpack object| Rx

15 Cookies

Domain/Path | Name | Value
postfinance-sicherhei-ch.com/ | PHPSESSID | fd3c26917ef3d51567ccfb63cadd1cdb
postfinance-sicherhei-ch.com/ | EF001Sprache | en-US
postfinance-sicherhei-ch.com/ | EF001Betriebssystem | Win32
postfinance-sicherhei-ch.com/ | EF001Webbrowser | Mozilla/5.0%20(Windows%20NT%2010.0_%20Win64_%20x64)%20AppleWebKit/537.36%20(KHTML_%20like%20Gecko)%20Chrome/103.0.5060.134%20Safari/537.36
postfinance-sicherhei-ch.com/ | EF001Zeitzone | 0
postfinance-sicherhei-ch.com/ | EF001Bildschirm | 1600*1200
postfinance-sicherhei-ch.com/ | EF001Hash | -1806396736
postfinance-sicherhei-ch.com/ | EF001Plugins | -1569584275
postfinance-sicherhei-ch.com/ | EF001Farbtiefe | 24
postfinance-sicherhei-ch.com/ | EF001BFG | 1600x1200
postfinance-sicherhei-ch.com/ | EF001WGLR | Intel%20Iris%20OpenGL%20Engine
postfinance-sicherhei-ch.com/ | EF001WGLV | Intel%20Inc.
postfinance-sicherhei-ch.com/ | loginlocation | https%3A%2F%2Fpostfinance-sicherhei-ch.com%2F
postfinance-sicherhei-ch.com/ | EFLoginInfo | BS=1600x1200,CD=24,GV=Intel Inc.,GR=Intel Iris OpenGL Engine
postfinance-sicherhei-ch.com/ | EF003 | 158195

5 Console Messages

Source Level URL
Text
network error URL: https://postfinance-sicherhei-ch.com/sc/unblu.interceptor.min.js
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://postfinance-sicherhei-ch.com/ap/ga/ub/static/js/wp/xmd1645372553448/Initializer.js
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://postfinance-sicherhei-ch.com/ap/ga/ub/config/xmd1645372553448/all/fr/null/en-GB/https$postfinance-sicherhei-ch.com/MZsy5sFESYqU7MawXZgR_w/null/null/null/SiteIntegrationLazyMain.cfg
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://postfinance-sicherhei-ch.com/ef/public/cc/pics/statistics.gif?s=./index_files/all.ef.min.js,./index_files/all.hv.min.js,./index_files/pfunblulegacy.js,./index_files/unblu.integration.component.min.js,/sc/unblu.interceptor.min.js,./index_files/unblu.interceptor.min.js,./index_files/visitor.js,./index_files/Initializer.js,./index_files/SiteIntegrationLazyMain.cfg,./index_files/SiteIntegrationLazyMain.js,index_files/jquery.js,https://postfinance-sicherhei-ch.com/ap/ga/ub/config/xmd1645372553448/all/fr/null/en-GB/https$postfinance-sicherhei-ch.com/MZsy5sFESYqU7MawXZgR_w/null/null/null/SiteIntegrationLazyMain.cfg,./index_files/statistics,./index_files/stats
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://postfinance-sicherhei-ch.com/sc/fp/1/static/fipo/ux/fonts/data-woff2.css
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

postfinance-sicherhei-ch.com
www.postfinance.ch
2a00:17c9:0:8103::20c
2a02:4780:8:880:0:3142:2f9:1