gebuhrenfrelonline.com Open in urlscan Pro
2606:4700:3036::6815:580a  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://snasx.servequake.com/ Page URL
2. https://gebuhrenfrelonline.com/postfinance.ch/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ snasx.servequake.com/	82 B 315 B	368ms 181ms	Document text/html	162.240.235.7 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://snasx.servequake.com/ Protocol HTTP/1.1 Server 162.240.235.7 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-235-7.unifiedlayer.com Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Upgrade, Keep-Alive Content-Type text/html; charset=UTF-8 Date Wed, 03 Jan 2024 20:21:27 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked Upgrade h2,h2c
GET H2	200	Primary Request / Show response gebuhrenfrelonline.com/postfinance.ch/	47 KB 10 KB	1794ms 1475ms	Document text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/postfinance.ch/ Requested by Host: snasx.servequake.com URL: http://snasx.servequake.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c322bd59feab5b48fea4a9e83544e591a46f5001a2a66041ca0aed48eab9b7f5 Request headers Referer http://snasx.servequake.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 83fdf2c57dff67f2-SJC content-encoding br content-type text/html; charset=UTF-8 date Wed, 03 Jan 2024 20:21:29 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddbdz97GuvyPgQNt5OYjRe%2Fdw%2B5iRNebnqwN1iLxH6u9WPIOh534CL%2FffmyTFbe34O433%2FQYUvvDJ8%2FWPuF6FII%2F8je56yann3NE%2F2pznsrHvu1kJpB9D1MrxdhUZdVWwwEhokP1GuJx1DVolZ9rgWb3RfL0"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	404	bs.js gebuhrenfrelonline.com/postfinance.ch/assets/	0 0	231ms 230ms	Script text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/postfinance.ch/assets/bs.js Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/postfinance.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbcGBBosglCxF5NOoN93zlofxsiDwdlmWQt6RxfNgWAZt%2B74z1YeuoClxsJ4HqBW9RAc1y3FXsP3Wyk0TAC%2F%2FYcV2g%2Fi2rMc8FnKuhYU0OywZVVMaNyN1E%2BqVZo81wWL4%2BZ88MWLaXoOh5zMi%2Bk8HVOOKmjr"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2ceaff167f2-SJC alt-svc h3=":443"; ma=86400
GET H2	200	6d93793434522e02.css gebuhrenfrelonline.com/postfinance.ch/	202 KB 27 KB	294ms 294ms	Stylesheet text/css	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/postfinance.ch/6d93793434522e02.css Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa71552dfa8c619c3c9461ed1c8d2564b952f5eb7cdb7c106ef2f2b915a91a5e Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/postfinance.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status MISS last-modified Tue, 02 Jan 2024 18:09:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmR4EPkaMrTWsyv8Sg%2FlwkUQXfL0DZhtQEmXT9vcTV8Abdsii2kunZWqCvF%2FPPOzzgfSiF4QGTo4XHNcjsFZ%2FCtZ8fjIGhA8gCRRfol4IIEZjt1tB26X5tXxMUJ6VFq8Aqi7TqpLOxbqGPKmjM2rl2Kc7HO%2B"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 83fdf2ceafef67f2-SJC alt-svc h3=":443"; ma=86400
GET H3	404	unblu.integration.component.js gebuhrenfrelonline.com/ap/ga/ub/pfstatic/js/	0 0	490ms 489ms	Script text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/ap/ga/ub/pfstatic/js/unblu.integration.component.js Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/postfinance.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xa%2B176piEHvL4qObx8yiakXzXTzAn4NfjJWSHEdCsZz66VXo6G0R8MhmuW0o%2FE%2F6SgG2bQTHlsMQiz%2FlDBe75XBwzbSiGmV9uJORUcVgkPeKYcmk9ftRGtIGAo1Uf9D%2B%2BqsV13yP3Kh4M9Ph2%2BkDHwO2Xdp2"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2cfa886f0db-CDG alt-svc h3=":443"; ma=86400
GET H3	404	unblu.interceptor.min.js gebuhrenfrelonline.com/ap/ga/ub/pfstatic/js/	0 0	491ms 490ms	Script text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/ap/ga/ub/pfstatic/js/unblu.interceptor.min.js Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/postfinance.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6o7gMe%2Fv4h%2FEhkp6p3AP4GvPC3VBAIIOXunAV6Nm6Aju4fycavfyNTEKLOBfwJ7xpDx6TQ021%2FBn0t7GHF0I6EEgfmIRJmgokNjm9nonj3R5hpzLGwtck1fuUyB0u7B711LvP7dCuRme2LnJnJ1Z6DqLOXC"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2cfb889f0db-CDG alt-svc h3=":443"; ma=86400
GET H2	200	ib9157483.js Show response bqztzw.postfinance.ch/ap/ga/bb/	198 KB 199 KB	76ms 28ms	Script text/javascript	2a00:17c9:0:103::20a CH-POSTNETZ Post ...
General Check archive.org Show headers Download Go to Full URL https://bqztzw.postfinance.ch/ap/ga/bb/ib9157483.js Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:17c9:0:103::20a , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH), Reverse DNS Software / Resource Hash db0899d9846557d929780955d929bcbf0ffbbfef16f7729abd3f9830e3f155c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT x-correlation-id b38ee64e-14ce-4fea-a7a4-0907ecab4125 x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains referrer-policy no-referrer access-control-allow-methods GET,PUT,POST,DELETE,OPTIONS content-type text/javascript access-control-allow-origin * cache-control max-age=1800 access-control-allow-headers Content-Type,Authorization content-length 202798 x-request-id 46743ec65397ee6cfcca0be4edc694de
GET H3	404	statistics gebuhrenfrelonline.com/ap/ga/ef/appl/	0 0	494ms 492ms	Script text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/ap/ga/ef/appl/statistics?p_page=993 Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/postfinance.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXJ6fstB6EMjUBKxM0B60OfT98OGxZySXeSIIE2Vjo3wJ3w7OP2fFGHrpJTatUTH2VLkT6gkdyNmo5joim0nThbK0L32u36LktQRsfZLZeG19RNH8htpwcvGJrVQxCN3kjyO8KIo5w5%2B%2B56hK%2B%2BogMkMEG4S"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 83fdf2cfb88ef0db-CDG alt-svc h3=":443"; ma=86400
GET H3	404	stats gebuhrenfrelonline.com/ap/ga/ef/appl/	0 0	525ms 524ms	Script text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/ap/ga/ef/appl/stats?p_page=993 Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/postfinance.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTrxUWEwajrpQwsGyEchi%2BZdKHKf2yaNiUpxZdF428rqytcFfAgMcarbuIv%2B6Ou04K3Hq6H11G6d7n7tGVsiwiLOWcKPKz6aamCqzvm2U1lRJBqnBgsG773HtAWStSfIPvMHA3KQrSt1rY3wSUFJhWqcJPlc"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 83fdf2cfb893f0db-CDG alt-svc h3=":443"; ma=86400
GET H3	404	visitor.js gebuhrenfrelonline.com/ap/ga/ub/	0 0	529ms 528ms	Script text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/ap/ga/ub/visitor.js?x-unblu-apikey=MZsy5sFESYqU7MawXZgR_w Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/postfinance.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVli42vr6SnrbqBepbuq7ssrVg8m7kOC53zR6drZNLa0q0ErHNjL5hZtmZxF9eylGQ9iqbR%2BRv390pT%2F48q%2FUFcL5SrgCbF9PKYtHMYdz4W58tZRfRy7Y6xYMEt5X81FZojirvqfgrRrvpQrF%2BiL%2BodJiktz"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2cfb894f0db-CDG alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	Initializer.min.js Show response www.postfinance.ch/ap/ga/ub/static/js/wp/xmd1703267636152/	7 KB 4 KB	95ms 42ms	Script application/javascript	2a00:17c9:0:8103::20c CH-POSTNETZ Post ...
General Check archive.org Show headers Download Go to Full URL https://www.postfinance.ch/ap/ga/ub/static/js/wp/xmd1703267636152/Initializer.min.js Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:17c9:0:8103::20c , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH), Reverse DNS Software Apache / Resource Hash 7cf7825c4360c4faf04d7203f332303a48e419cf461c3260bc6ad68344e39133 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Wed, 03 Jan 2024 20:21:30 GMT Content-encoding gzip X-content-type-options nosniff Strict-transport-security max-age=31536000; includeSubDomains; preload X_OK_TRID 2a026ea0c71b00-3286c5-15ac2451-18cd0fcfe07-0113e49e-39604 Connection Keep-Alive Content-Length 2732 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-modified Tue, 25 Jul 2023 19:13:10 GMT Server Apache Expect-CT enforce,max-age=2592000,report-uri="https://universal.postfinance.ch/report" X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=utf-8 Cache-control max-age=315619200,public Accept-ranges bytes Keep-Alive timeout=5, max=50 Expires Thu, 22 Dec 2033 17:54:00 GMT
GET H/1.1	200 OK	SiteIntegrationLazyMain.cfg Show response www.postfinance.ch/ap/ga/ub/config/xmd1704216540347/all/de/null/en-US/https$www.postfinance.ch/MZsy5sFESYqU7MawXZgR_w/null/null/null/	19 KB 5 KB	121ms 74ms	Script application/javascript	2a00:17c9:0:8103::20c CH-POSTNETZ Post ...
General Check archive.org Show headers Download Go to Full URL https://www.postfinance.ch/ap/ga/ub/config/xmd1704216540347/all/de/null/en-US/https$www.postfinance.ch/MZsy5sFESYqU7MawXZgR_w/null/null/null/SiteIntegrationLazyMain.cfg Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:17c9:0:8103::20c , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH), Reverse DNS Software Apache / Resource Hash 55a077c6d6d61ff8ad0f6001141864bd898edb1bd24b9d5411c3c8091d540c52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Wed, 03 Jan 2024 20:21:30 GMT Content-encoding gzip X-content-type-options nosniff Strict-transport-security max-age=31536000; includeSubDomains; preload X_OK_TRID 2a026ea0c71b00-3286c5-15ac2451-18cd0fcfdfd-0113e49d-39610 Connection Keep-Alive Content-Length 4518 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-modified Tue, 26 Dec 2023 09:20:59 GMT Server Apache Expect-CT enforce,max-age=2592000,report-uri="https://universal.postfinance.ch/report" X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=utf-8 Cache-control max-age=315619200,private Keep-Alive timeout=5, max=50 Expires Tue, 03 Jan 2034 20:21:30 GMT
GET H/1.1	200 OK	SiteIntegrationLazyMain.min.js Show response www.postfinance.ch/ap/ga/ub/static/js/wp/xmd1703267636152/	588 KB 158 KB	97ms 43ms	Script application/javascript	2a00:17c9:0:8103::20c CH-POSTNETZ Post ...
General Check archive.org Show headers Download Go to Full URL https://www.postfinance.ch/ap/ga/ub/static/js/wp/xmd1703267636152/SiteIntegrationLazyMain.min.js Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:17c9:0:8103::20c , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH), Reverse DNS Software Apache / Resource Hash ff2d4788ab5e3fef46e66d718255252b2b3118240138236e7937081f380513a7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Wed, 03 Jan 2024 20:21:30 GMT Content-encoding gzip X-content-type-options nosniff Strict-transport-security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked X_OK_TRID 2a026ea0c71b00-3286c5-15ac2451-18cd0fcfe08-0113e49f-39624 Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-modified Tue, 25 Jul 2023 19:13:10 GMT Server Apache Expect-CT enforce,max-age=2592000,report-uri="https://universal.postfinance.ch/report" X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=utf-8 Cache-control max-age=315619200,public Keep-Alive timeout=5, max=50 Expires Thu, 22 Dec 2033 17:54:00 GMT
GET H2	404	runtime.d3b0b5b6084b7b79.js gebuhrenfrelonline.com/cc/ok/lr/	0 0	233ms 232ms	Script text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/cc/ok/lr/runtime.d3b0b5b6084b7b79.js Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://gebuhrenfrelonline.com/postfinance.ch/ Origin https://gebuhrenfrelonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9tKLWvNtkTCHoCJ8F1H0aDyb%2B2dQw%2FgOOmzXt3y%2Fdz3S3aUQRiZbwhI%2BUa9D8UxFE70lNFeKK1zIe8BYqHb52HWUQmFJa9bSieHObW5vstc1hP6N3zLbNfw16csNlxaksnUDVfGutXAfnDgAZgItrAO9toP"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2cec80967f2-SJC alt-svc h3=":443"; ma=86400
GET H2	404	polyfills.80561a7bd696d7a6.js gebuhrenfrelonline.com/cc/ok/lr/	0 0	228ms 227ms	Script text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/cc/ok/lr/polyfills.80561a7bd696d7a6.js Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://gebuhrenfrelonline.com/postfinance.ch/ Origin https://gebuhrenfrelonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmUy5%2Fi1ynT6VmT9oLetAUQVmcpxChSx06sACy2i7DemJuR03t%2BFZpTm0j71A7gcNBp2W8W%2Bu%2BFFSTjMqWI1RxBi%2FIHBnB5u1%2FcSwFiS6lzSvKS6mS5zLUwqx2Nm91LLfYWlAiZnxjwIDQjOi56GOA2BG6p1"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2cec80b67f2-SJC alt-svc h3=":443"; ma=86400
GET H2	404	main.0c0f274de970d187.js gebuhrenfrelonline.com/cc/ok/lr/	0 0	231ms 231ms	Script text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/cc/ok/lr/main.0c0f274de970d187.js Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://gebuhrenfrelonline.com/postfinance.ch/ Origin https://gebuhrenfrelonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sA%2B8qe7SHKZBl9CHXnFmlHGydIihmX2OXy9zrgQtaXKensspffqo9J0hQ8GPgh8UQ1vRPqwSAdhoikcChvLGbKtm%2FrgRlWrMznPx%2BzNXMkFCZVG5C84lYa9ZolcEm1p5dfHHG69gbazdMC5f%2F2QcAJotKMGf"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2cec80c67f2-SJC alt-svc h3=":443"; ma=86400
GET H3	404	main.js gebuhrenfrelonline.com/ap/ga/ob/html/preload/	0 0	495ms 494ms	Other text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/ap/ga/ob/html/preload/main.js Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/postfinance.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9P39saJCJ6nb4xeIDkoINqON7pbo2S4oGJiPEzIr88Twqb%2FbhMvkAGWABKQzk%2FLehGcSau6z0e3rcplFyDI7ak%2Bvvh8OWu3F4XjU8QU87af7g8BlRuTQTf2AXLLKIsP9PsEMaX6nVnY9Ne2NnWrZv3%2FTQfMz"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2cfb899f0db-CDG alt-svc h3=":443"; ma=86400
GET H3	404	styles.css gebuhrenfrelonline.com/ap/ga/ob/html/preload/	0 0	494ms 493ms	Other text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/ap/ga/ob/html/preload/styles.css Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/postfinance.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MSzBt%2FbSMWWmN%2F4hlyRmujrKIH2%2BYz%2FvJJKADQ3arJvoU2ux4Wvqlal2GZiaDIFGJ6%2FjDPpw8C%2BRJ3VpJnWkD%2BxyUpXnPkV52bZiFNVtKM%2BAb%2F5xTUSPaviHw262Nf5GnQMK42rJHwGvzI33%2FGVYcQTrgJ7"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2cfb89df0db-CDG alt-svc h3=":443"; ma=86400
GET H3	404	menu.9e673858d384d2a88ba2.svg gebuhrenfrelonline.com/postfinance.ch/assets/sprites/	0 0	492ms 491ms	Other text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/postfinance.ch/assets/sprites/menu.9e673858d384d2a88ba2.svg Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/postfinance.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuM%2FR24yIPTDFRaeXMgytqsiqn3njMn5E1MPEZzK0%2F9zG9KJVxg3yI5EDAAiEftxfGVh3sv%2BVdhXQQkQLZ4min5auy5HutDAxKbK3YMTxvoikcyMuzOGWCJ9ECA086YC%2F%2BVY%2BWp4yDIs5h5x7vH7G7S6lWuI"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2cfb895f0db-CDG alt-svc h3=":443"; ma=86400
GET H3	404	application.ce995d22237219656e3a.svg gebuhrenfrelonline.com/postfinance.ch/assets/sprites/	0 0	529ms 529ms	Other text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/postfinance.ch/assets/sprites/application.ce995d22237219656e3a.svg Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://gebuhrenfrelonline.com/postfinance.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDWOl3Po%2Bu4T0Q4QWVS5np%2BUwQ90%2BV7Wb%2FuoRyXUFFIUdBLew%2BM8GLSeNPFZGCd%2BixOdNXhBanxsCDYlZt9%2BRNmdIRlUn49nA8Q11NQiXxlug424Z3U3lKCqxlSr0aadwk4UmiG5gQIp7Ww%2B9%2Bu%2FFmIDDyeN"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2cfb8a1f0db-CDG alt-svc h3=":443"; ma=86400
GET H3	404	FrutigerNeueLTW06-Light.23770ae90a0ac3d5.woff2 gebuhrenfrelonline.com/postfinance.ch/	0 0	505ms 505ms	Font text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/postfinance.ch/FrutigerNeueLTW06-Light.23770ae90a0ac3d5.woff2 Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/6d93793434522e02.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://gebuhrenfrelonline.com/postfinance.ch/6d93793434522e02.css Origin https://gebuhrenfrelonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJ7OmLb2BuNWMiy8dR2OvfedFDQ7KA%2FJ27n9SQgnLqsppESfv3kNLaiRBZ8mGcT8z2GXUtLPS4oskp3nR1XsF5U5lJD23MCpcLE67twpCbgiDUMuFHVSnkSFRAcX3X2%2FIARPOYXsQdoY%2BMJsDsOKLTsFYHDc"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2d059cbf0db-CDG alt-svc h3=":443"; ma=86400
GET H3	404	FrutigerNeueLTW05-Medium.58a0ff866e7c76b1.woff2 gebuhrenfrelonline.com/postfinance.ch/	0 0	521ms 520ms	Font text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/postfinance.ch/FrutigerNeueLTW05-Medium.58a0ff866e7c76b1.woff2 Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/6d93793434522e02.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://gebuhrenfrelonline.com/postfinance.ch/6d93793434522e02.css Origin https://gebuhrenfrelonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:30 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GzbbMRLHBoFjirLiBtxmrfc94OGZqSOCi8Zw2OH4Xg3n6p3u85QCb0IXyYLkhDE8My7RQGedKX9I5haCh1abYPGOOyWrpqyjV3QZNrBsUtu9AgfdFV5U9QjiQMON6%2Bxa3omiyYKcVJuc1xLrjEalek46eHf"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2d059d0f0db-CDG alt-svc h3=":443"; ma=86400
GET H3	404	FrutigerNeueLTW06-Light.16eb43da28f5fe57.woff gebuhrenfrelonline.com/postfinance.ch/	0 0	488ms 488ms	Font text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/postfinance.ch/FrutigerNeueLTW06-Light.16eb43da28f5fe57.woff Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/6d93793434522e02.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://gebuhrenfrelonline.com/postfinance.ch/6d93793434522e02.css Origin https://gebuhrenfrelonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:31 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FBI5xQiVpD3G9ypaiSOFNI6ZnHR4i1oX12VdACvh43vroZZI5BUPUA8KVnssSpEwQVIA9n4EyzenZhTAEk3KhDmHxdgdWs7C2f6raHtiAzDgv7t3Yk%2BKwrQE9H7OEEVFQQomcO8P%2FoOQbPwkxGaDddtIsAO"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2d38828f0db-CDG alt-svc h3=":443"; ma=86400
GET H3	404	FrutigerNeueLTW05-Medium.3497822aa79c4753.woff gebuhrenfrelonline.com/postfinance.ch/	0 0	525ms 524ms	Font text/html	2606:4700:3036::6815:580a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gebuhrenfrelonline.com/postfinance.ch/FrutigerNeueLTW05-Medium.3497822aa79c4753.woff Requested by Host: gebuhrenfrelonline.com URL: https://gebuhrenfrelonline.com/postfinance.ch/6d93793434522e02.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:580a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://gebuhrenfrelonline.com/postfinance.ch/6d93793434522e02.css Origin https://gebuhrenfrelonline.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Wed, 03 Jan 2024 20:21:31 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLISzsNV3P7BxoOQtwhTSRurZdXjyhWGaKI4KNQDPjXvrlPPh4%2BxrAWUTkkwhY%2B2unoWnZGQTDftYlLwPGLwSB3E2Lq25Hubz9eGrqlEqPDOf3zMoPGmYewsjo7AM%2FmhOqXwgPAlYqEL5rUZ4jm1g7YkLiMT"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83fdf2d39854f0db-CDG alt-svc h3=":443"; ma=86400
POST H2	200	prolong Show response bqztzw.postfinance.ch/ap/ga/bb/	156 B 506 B	138ms 106ms	XHR text/html	2a00:17c9:0:103::20a CH-POSTNETZ Post ...
General Check archive.org Show headers Download Go to Full URL https://bqztzw.postfinance.ch/ap/ga/bb/prolong?sid=LMr1hzpSYjjCbJLr4AhPrI8kxp5pCLTK&tc9g=ezuLhhDbMu9Jn04imQh2HGvVqgREQTh5 Requested by Host: bqztzw.postfinance.ch URL: https://bqztzw.postfinance.ch/ap/ga/bb/ib9157483.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:17c9:0:103::20a , Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH), Reverse DNS Software / Resource Hash 3cbb95aeaec3fbd260bb109bfa8e207af461c52b673d9c2f24367304c2af3381 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://gebuhrenfrelonline.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Content-type text/plain Response headers date Wed, 03 Jan 2024 20:21:33 GMT x-correlation-id 56bc1d31-5235-4519-aa86-6abb8e18f1b6 x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains referrer-policy no-referrer access-control-allow-methods GET,PUT,POST,DELETE,OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin * access-control-allow-headers Content-Type,Authorization content-length 156 x-request-id 3ebd4ee6369eccad3cb3bfd0002ff320

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swiss Post (Transportation) PostFinance (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _unblu_572F594F_21AA_4D30_8081_40F2793592AF string| eventObf function| cls object| webpackChunkcom_unblu_meta_server_webpack object| w

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gebuhrenfrelonline.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fd1decd06591742b107cfbcdca266a44
			gebuhrenfrelonline.com/	1970-01-20 17:25:20	Name: EF001BFGvc3 Value: LMr1hzpSYjjCbJLr4AhPrI8kxp5pCLTK
			gebuhrenfrelonline.com/	1970-01-21 00:37:13	Name: EF001BF27rF Value: ezuLhhDbMu9Jn04imQh2HGvVqgREQTh5

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gebuhrenfrelonline.com/postfinance.ch/assets/bs.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/cc/ok/lr/polyfills.80561a7bd696d7a6.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/cc/ok/lr/main.0c0f274de970d187.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/cc/ok/lr/runtime.d3b0b5b6084b7b79.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/ap/ga/ub/pfstatic/js/unblu.integration.component.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/ap/ga/ub/pfstatic/js/unblu.interceptor.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/postfinance.ch/assets/sprites/menu.9e673858d384d2a88ba2.svg#ico_chevronUpLarge_16 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/ap/ga/ef/appl/statistics?p_page=993 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/ap/ga/ob/html/preload/styles.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/ap/ga/ob/html/preload/main.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/ap/ga/ef/appl/stats?p_page=993 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/ap/ga/ub/visitor.js?x-unblu-apikey=MZsy5sFESYqU7MawXZgR_w Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/postfinance.ch/assets/sprites/application.ce995d22237219656e3a.svg#ico_eyeOpen_24 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/postfinance.ch/FrutigerNeueLTW06-Light.23770ae90a0ac3d5.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/postfinance.ch/FrutigerNeueLTW05-Medium.58a0ff866e7c76b1.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/postfinance.ch/FrutigerNeueLTW06-Light.16eb43da28f5fe57.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gebuhrenfrelonline.com/postfinance.ch/FrutigerNeueLTW05-Medium.3497822aa79c4753.woff Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://bqztzw.postfinance.ch/ap/ga/bb/ib9157483.js(Line 67) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bqztzw.postfinance.ch
gebuhrenfrelonline.com
snasx.servequake.com
www.postfinance.ch
162.240.235.7
2606:4700:3036::6815:580a
2a00:17c9:0:103::20a
2a00:17c9:0:8103::20c
3cbb95aeaec3fbd260bb109bfa8e207af461c52b673d9c2f24367304c2af3381
55a077c6d6d61ff8ad0f6001141864bd898edb1bd24b9d5411c3c8091d540c52
7cf7825c4360c4faf04d7203f332303a48e419cf461c3260bc6ad68344e39133
aa71552dfa8c619c3c9461ed1c8d2564b952f5eb7cdb7c106ef2f2b915a91a5e
c322bd59feab5b48fea4a9e83544e591a46f5001a2a66041ca0aed48eab9b7f5
db0899d9846557d929780955d929bcbf0ffbbfef16f7729abd3f9830e3f155c9
ff2d4788ab5e3fef46e66d718255252b2b3118240138236e7937081f380513a7