urlscan.io logo urlscan.io
SecurityTrails logo

z5h64q92x9.net Open in urlscan Pro
2a02:6b8::1:193  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/icorner.ch/cop-ch
Effective URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Submission: On December 14 via manual from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 38 HTTP transactions. The main IP is 2a02:6b8::1:193, located in Moscow, Russian Federation and belongs to YNDX, FI. The main domain is z5h64q92x9.net.
TLS certificate: Issued by Yandex CA on October 30th 2021. Valid for: 6 months.
This is the only time z5h64q92x9.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Cornèr Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
2 12 2a02:6b8::1:193 208722 (YNDX)
7 2a02:6b8:20::215 208722 (YNDX)
9 194.11.213.191 3303 (SWISSCOM ...)
5 2a02:6b8:a::a 208722 (YNDX)
3 2a02:6b8::194 208722 (YNDX)
38 6
12    2a02:6b8::1:193 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
z5h64q92x9.net
7    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yastatic.net
9    194.11.213.191 (Switzerland)

ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH)
www.icorner.ch
5    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yandex.ru
3    2a02:6b8::194 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
translate.yandex.net
Apex Domain
Subdomains		 Transfer
12 z5h64q92x9.net
z5h64q92x9.net
338 KB
9 icorner.ch
www.icorner.ch
59 KB
7 yastatic.net
yastatic.net
64 KB
5 yandex.ru
yandex.ru
1 KB
3 yandex.net
translate.yandex.net
2 KB
38 5
Domain Requested by
12 z5h64q92x9.net 2 redirects z5h64q92x9.net
9 www.icorner.ch z5h64q92x9.net
www.icorner.ch
7 yastatic.net z5h64q92x9.net
5 yandex.ru z5h64q92x9.net
3 translate.yandex.net yastatic.net
38 5

This site contains links to these domains. Also see Links.

Domain
translate.yandex.ru
yandex.ru
www.icorner.ch
Subject Issuer Validity Valid
z5h64q92x9.net
Yandex CA		 2021-10-30 -
2022-04-30		 6 months crt.sh
*.yastatic.net
Yandex CA		 2021-08-18 -
2022-02-16		 6 months crt.sh
www.icorner.ch
DigiCert ECC Extended Validation Server CA		 2020-07-24 -
2022-07-29		 2 years crt.sh
yandex.ru
Yandex CA		 2021-08-30 -
2022-02-28		 6 months crt.sh
translate.yandex.net
Yandex CA		 2021-12-10 -
2022-05-16		 5 months crt.sh

This page contains 1 frames:

Primary Page: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Frame ID: 03B28850F87DD881433E6F139E8EC98A
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Вход в систему: iCornèr | Cornèrcard | Онлайн-доступ

Page URL History Show full URLs

  1. https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/icorner.ch/co... HTTP 307
    https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.c... HTTP 307
    https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.c... Page URL

Page Statistics

38
Requests

89 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

464 kB
Transfer

714 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/icorner.ch/cop-ch HTTP 307
    https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/ HTTP 307
    https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/
Redirect Chain
  • https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/icorner.ch/cop-ch
  • https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/
  • https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
22 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
4b627c3bfe0e6e2e25cc86b5dcbab31fdb2ca9b802f7d2e3af81840ed749e9ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-length
22794
etag
"b4e280494792b755611f6a7ebb5172726db869c1"
content-type
text/html; charset=utf-8
date
Tue, 14 Dec 2021 12:31:36 GMT
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000
cache-control
max-age=120

Redirect headers

content-length
0
location
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
content-type
text/html; charset=UTF-8
date
Tue, 14 Dec 2021 12:31:36 GMT
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000
turbo.js
yastatic.net/s3/translate/v21.27.1/dist/scripts/bundles/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/translate/v21.27.1/dist/scripts/bundles/turbo.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ed83a026568e6a025ec78ebefcf3e3209babd0b5ec63ade71fe016bd7b383c73
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Origin
https://z5h64q92x9.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
content-encoding
br
last-modified
Fri, 10 Dec 2021 13:25:00 GMT
server
nginx/1.17.9
etag
W/"f9df74cccce4f0161fdba44076854a09"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Wed, 14 Dec 2022 18:15:58 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
5a07ec94c7bae6f0
tr_page_popup.css
yastatic.net/s3/translate/v21.27.1/dist/styles/misc/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/translate/v21.27.1/dist/styles/misc/tr_page_popup.css
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2532477e8d513907453281875c0094b15c2de4f140f4a009b93cc870d58c7ebe
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
content-encoding
br
last-modified
Fri, 10 Dec 2021 13:25:01 GMT
server
nginx/1.17.9
etag
W/"17e415f83f90752e80dd978e2a5d611f"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/css
access-control-allow-origin
*
expires
Wed, 14 Dec 2022 18:19:39 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
6913bf29429ccc41
tr_page_stripe.css
yastatic.net/s3/translate/v21.27.1/dist/styles/misc/ 		31 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/translate/v21.27.1/dist/styles/misc/tr_page_stripe.css
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ae344980cf0ea1a7e9b9a5049890d496118ee84bfa82f968047fdf70203450b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
content-encoding
br
last-modified
Fri, 10 Dec 2021 13:25:01 GMT
server
nginx/1.17.9
etag
W/"1f0d06f054ff6001a1796e2a77c348b7"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/css
access-control-allow-origin
*
expires
Wed, 14 Dec 2022 18:19:39 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
4b7db4cddf775e1a
tr_page.js
yastatic.net/s3/translate/v21.27.1/dist/scripts/addons/ 		118 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/translate/v21.27.1/dist/scripts/addons/tr_page.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9ea360aab6dc6f21249c0f0b7954f3c2ffa6f2b0d6bfd340934b9d71de69af6c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
content-encoding
br
last-modified
Fri, 10 Dec 2021 13:24:59 GMT
server
nginx/1.17.9
etag
W/"c3f298dc2c2db342b6219a4f42884a4f"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Wed, 14 Dec 2022 18:17:53 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
51db2eec8e704a1a
tr_page_popup.js
yastatic.net/s3/translate/v21.27.1/dist/scripts/addons/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/translate/v21.27.1/dist/scripts/addons/tr_page_popup.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
dc22751b4af1a349fb9e84f9bf177f30f9a1a45f08f9c3e9cf654dadcf9f734c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
content-encoding
br
last-modified
Fri, 10 Dec 2021 13:25:00 GMT
server
nginx/1.17.9
etag
W/"7049e9b0b1e0d71a1c72d451e87b623f"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Wed, 14 Dec 2022 18:19:39 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
c2e569d30cf1bb89
tr_page_worker.js
yastatic.net/s3/translate/v21.27.1/dist/scripts/addons/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/translate/v21.27.1/dist/scripts/addons/tr_page_worker.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
6d407ddc4b8a8ee27aa947c4ccc1a3fea37795c587d44fa40dba6fd24cbcc5b1
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
content-encoding
br
last-modified
Fri, 10 Dec 2021 13:25:00 GMT
server
nginx/1.17.9
etag
W/"5bc49a17da69da95af4cad4adfc0025d"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Wed, 14 Dec 2022 18:19:40 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
27551cc994477853
bootstrap.min.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		150 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/bootstrap.min.css
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Date
Tue, 14 Dec 2021 12:31:37 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
Expires
Tue, 14 Dec 2021 12:41:17 GMT
sticky-footer-navbar.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		517 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/sticky-footer-navbar.css
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
049bdf6dc57a3d1c9c8ef9ef365a6f4a9d6578eb3575158689ca50470f7bd52d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Tue, 14 Dec 2021 12:31:37 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
517
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
Expires
Tue, 14 Dec 2021 12:41:17 GMT
default.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/default.css
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
1629ec5904e3c812dbc09fda9276b81830cc2f38c89716035f72e171af54cbcb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Date
Tue, 14 Dec 2021 12:31:37 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
3173
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
Expires
Tue, 14 Dec 2021 12:41:17 GMT
icons.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/icons.css
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
5168ba395afb3dfed1e5c4cff8b0fbac7eb25783aef7006d66427a7ce0c53634
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Date
Tue, 14 Dec 2021 12:31:37 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
514
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
Expires
Tue, 14 Dec 2021 12:41:17 GMT
ie7.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		761 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ie7.css
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
6a547cea69e8f714a913b8a2dbc490c481c29487f2fbb40490ae7eaedf6c5f2b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Tue, 14 Dec 2021 12:31:37 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
761
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
Expires
Tue, 14 Dec 2021 12:41:17 GMT
jquery-3.3.1.min.js
z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/jquery-3.3.1.min.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
cache-control
max-age=120
referrer-policy
no-referrer-when-downgrade
etag
"05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac"
content-length
86926
strict-transport-security
max-age=31536000
content-type
application/javascript
jquery.inputmasked.js
z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/jquery.inputmasked.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
1c6283fafd793ca03e608582aa9f99439996ab01ac1a43f985201b8ddce4f721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
cache-control
max-age=120
referrer-policy
no-referrer-when-downgrade
etag
"875172d538e5d5271033f1f7491de57596d77a20"
content-length
10418
strict-transport-security
max-age=31536000
content-type
application/javascript
jquery.cookie.js
z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/jquery.cookie.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
29f96874bd53736f243f7d529a63ae9521ee5198b517d9ec41f74700f98c95fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
cache-control
max-age=120
referrer-policy
no-referrer-when-downgrade
etag
"7a20ef0c5097d131003ee1b652e719a72d1a551a"
content-length
3697
strict-transport-security
max-age=31536000
content-type
application/javascript
momentjs.js
z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		146 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/momentjs.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e02aa7d64496e4e74f5cf9231e6a52246b4ba9685e3e9ab109c0c8fdd0cf9f28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
cache-control
max-age=120
referrer-policy
no-referrer-when-downgrade
etag
"6b29ef383e4f3a29faec5b7b3ccc287b026441db"
content-length
148999
strict-transport-security
max-age=31536000
content-type
application/javascript
bootstrap.min.js
z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		54 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/bootstrap.min.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
cache-control
max-age=120
referrer-policy
no-referrer-when-downgrade
etag
"de908c9ed184d74eb525fa7a30449b67fc3a1c14"
content-length
55775
strict-transport-security
max-age=31536000
content-type
application/javascript
validation.js
z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/validation.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
15c387db3a79471b99574c203f5d38620723a2c611b2c0e31c05336efd96d04d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
cache-control
max-age=120
referrer-policy
no-referrer-when-downgrade
etag
"bb6c0f43fcf6ae5c08f0396234844b9a16fdc822"
content-length
10882
strict-transport-security
max-age=31536000
content-type
application/javascript
common-translation.js
z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		963 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/common-translation.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f25d9df70edcf18f2167d9a4a0325d80c56f6ffa6ef5372bf57083f1a9d5127f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
cache-control
max-age=120
referrer-policy
no-referrer-when-downgrade
etag
"576e050006b2257092bde4df1f457f5cd48902cb"
content-length
963
strict-transport-security
max-age=31536000
content-type
application/javascript
default.js
z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		342 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/default.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ec2921213ea0f4e9ec155e072a06e43ed5abdbcb4846c14e627c17c078ce43e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:37 GMT
cache-control
max-age=120
referrer-policy
no-referrer-when-downgrade
etag
"601b01dc5cb456efbfad83e75332063601bad43e"
content-length
342
strict-transport-security
max-age=31536000
content-type
application/javascript
logo.svg
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		11 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/logo.svg
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
c2109aa73f3cc71b61b8b05d859b51dfb603584277bcc33451f38e9343959cef
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Date
Tue, 14 Dec 2021 12:31:38 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Type
image/svg+xml
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
5251
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=98
Expires
Tue, 14 Dec 2021 12:41:17 GMT
logo_ebas_weiss_en.png
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/logo_ebas_weiss_en.png
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
2744bb90ae4883ee0d7ef093c28238eb90d4e18e87c6e7f5fafe3f97a490f71e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Tue, 14 Dec 2021 12:31:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
4593
X-XSS-Protection
1; mode=block
Expires
Tue, 14 Dec 2021 12:41:17 GMT
overlay.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		641 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/overlay.css
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
c961216cf8b06f0abd85e6f30cfa59898072805f8274b817e4f2bc14aa338e6b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Tue, 14 Dec 2021 12:31:37 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
641
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=99
Expires
Tue, 14 Dec 2021 12:41:17 GMT
overlay.js
z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z5h64q92x9.net/proxy_u/0.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/overlay.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::1:193 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5ab136ccd5b4160256a3f7958e319df9af8a519c1ad1f97c14051685a8faba63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:38 GMT
cache-control
max-age=120
referrer-policy
no-referrer-when-downgrade
etag
"abfa65dfd9667f863de252ca2d1f6a0181e39cce"
content-length
3999
strict-transport-security
max-age=31536000
content-type
application/javascript
Roboto-Regular.ttf
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		0
0
login.woff2
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		0
0
login.ttf
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		0
0
login.woff
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		0
0
turbo.js
yastatic.net/s3/translate/v21.27.1/dist/scripts/bundles/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/translate/v21.27.1/dist/scripts/bundles/turbo.js
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ed83a026568e6a025ec78ebefcf3e3209babd0b5ec63ade71fe016bd7b383c73
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 12:31:38 GMT
content-encoding
br
last-modified
Fri, 10 Dec 2021 13:25:00 GMT
server
nginx/1.17.9
etag
W/"f9df74cccce4f0161fdba44076854a09"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Wed, 14 Dec 2022 18:17:40 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
7b9a5abb74df91f2
*
yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_request/ytr_time=3024/ytr_host=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_lang=en-ru/ytr_url=https%3A... 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_request/ytr_time=3024/ytr_host=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_lang=en-ru/ytr_url=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_sid=ba3d9eb6.61b88ea8.a91536e0.74722d75726c/ytr_srv=tr-url/ytr_ver=v21.27.1/ytr_dir=en-ru/ytr_key=first_translation_request/ytr_cur_ts=1639485098881/ytr_ui_type=desktop/ytr_is_turbo=1/path=web_desktop.url/*
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length
43
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
/
yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=dcl_event/ytr_time=3025/ytr_host=https://www.icorner.ch/cop-ch/ 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=dcl_event/ytr_time=3025/ytr_host=https://www.icorner.ch/cop-ch/?login/ytr_lang=en-ru/ytr_url=https://www.icorner.ch/cop-ch/?login/ytr_sid=ba3d9eb6.61b88ea8.a91536e0.74722d75726c/ytr_srv=tr-url/ytr_ver=v21.27.1/ytr_dir=en-ru/ytr_key=dcl_event/ytr_cur_ts=1639485098882/ytr_ui_type=desktop/ytr_is_turbo=1/path=web_desktop.url/*
Requested by
Host: z5h64q92x9.net
URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length
43
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
eye.png
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		776 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/eye.png
Requested by
Host: www.icorner.ch
URL: https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/default.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
f523f81f5781606f693a492c7524d21e80d754dbe1cc8fbb9e361d3276835f65
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Tue, 14 Dec 2021 12:31:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
776
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=98
Expires
Tue, 14 Dec 2021 12:41:17 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5618cf16a1aa54e9fd30e8a335ad7ea4856f24bda1b9dc41eb44b6a0c579dccb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
387a5eb25ad92e9da8b48aad6a7545ead0f5f3377b8b267c5814ae0f3ea8705c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		418 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c7a99b43c1be7d66d5bdad96ba3d8eb997b46b525d6c68180d37ef641faa4cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		602 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b58dfa9c08da7011544d09166e6de38c3998e09193872cea7061d0e03c08055

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
translate
translate.yandex.net/api/v1/tr.json/ 		804 B
857 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://translate.yandex.net/api/v1/tr.json/translate?context_title=Login%3A%20iCorn%C3%A8r%20%7C%20Corn%C3%A8rcard%20%7C%20Onlineaccess&id=ba3d9eb6.61b88ea8.a91536e0.74722d75726c-0-0&srv=tr-url&text=Login%3A%20iCorn%C3%A8r%20%7C%20Corn%C3%A8rcard%20%7C%20Onlineaccess&text=Login&text=%20%20Please%20enter%20your%20authentication%20information.%20%20&text=%20%20User%20ID%20%20&text=%3Ca%3E%20%20Forgot%20user%20ID%20%20%3C%2Fa%3E%3Cspan%3EThe%20SMS%20code%20consists%20of%20six%20digits%3C%2Fspan%3E&text=%20%20Password%20%20&text=%20%20Forgot%20password%3F%20%20&text=%20%20Not%20registered%3F%20%20%3Ca%3E%20%20Registration%20%20%3C%2Fa%3E&text=%20%20Continue%20%20&text=EN&text=DE&text=FR&text=IT&text=Imprint&lang=en-ru&format=html&options=2&
Requested by
Host: yastatic.net
URL: https://yastatic.net/s3/translate/v21.27.1/dist/scripts/addons/tr_page.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::194 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6170df478a4154d17e3050db5719e4b8066cb4bcd03e99dec7e640fdf019ac9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://z5h64q92x9.net
date
Tue, 14 Dec 2021 12:31:39 GMT
cache-control
no-store
x-content-type-options
nosniff
content-length
804
content-type
application/json; charset=utf-8
translate
translate.yandex.net/api/v1/tr.json/ 		230 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://translate.yandex.net/api/v1/tr.json/translate?context_title=Login%3A%20iCorn%C3%A8r%20%7C%20Corn%C3%A8rcard%20%7C%20Onlineaccess&id=ba3d9eb6.61b88ea8.a91536e0.74722d75726c-1-0&srv=tr-url&text=Disclaimer&text=Privacy%20Policy&text=Security&text=OK&lang=en-ru&format=html&options=2&
Requested by
Host: yastatic.net
URL: https://yastatic.net/s3/translate/v21.27.1/dist/scripts/addons/tr_page.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::194 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7a7fb68c89146069529ebdacb8728a30cd346c7ee372461b95ca52be3736be1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://z5h64q92x9.net
date
Tue, 14 Dec 2021 12:31:38 GMT
cache-control
no-store
x-content-type-options
nosniff
content-length
230
content-type
application/json; charset=utf-8
*
yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_response/ytr_time=3193/ytr_host=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_lang=en-ru/ytr_url=https%3... 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_response/ytr_time=3193/ytr_host=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_lang=en-ru/ytr_url=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_sid=ba3d9eb6.61b88ea8.a91536e0.74722d75726c/ytr_srv=tr-url/ytr_ver=v21.27.1/ytr_dir=en-ru/ytr_key=first_translation_response/ytr_cur_ts=1639485099050/ytr_ui_type=desktop/ytr_is_turbo=1/path=web_desktop.url/*
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length
43
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
*
yandex.ru/clck/click/dtype=stred/pid=453/cid=74096/ytr_counter_name=url_translation_time/ytr_time=174/ytr_error=0/ytr_counter=1/ytr_host=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_lang=en... 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/clck/click/dtype=stred/pid=453/cid=74096/ytr_counter_name=url_translation_time/ytr_time=174/ytr_error=0/ytr_counter=1/ytr_host=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_lang=en-ru/ytr_url=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_sid=ba3d9eb6.61b88ea8.a91536e0.74722d75726c/ytr_srv=tr-url/ytr_ver=v21.27.1/ytr_dir=en-ru/ytr_cur_ts=1639485099055/ytr_ui_type=desktop/ytr_is_turbo=1/path=web_desktop.url/*
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length
43
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
translate
translate.yandex.net/api/v1/tr.json/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://translate.yandex.net/api/v1/tr.json/translate?context_title=Login%3A%20iCorn%C3%A8r%20%7C%20Corn%C3%A8rcard%20%7C%20Onlineaccess&id=ba3d9eb6.61b88ea8.a91536e0.74722d75726c-2-0&srv=tr-url&text=%C2%A9%202021%20Corn%C3%A8rcard%20-%20Corn%C3%A8r%20Bank%20Ltd.%2C%20Via%20Canova%2016%2C%206901%20Lugano&text=Note%3A%20E-mail%20and%20telephone%20fraud&text=Cybercriminals%20are%20currently%20exploiting%20the%20uncertainties%20in%20the%20population%20regarding%20the%20coronavirus%20emergency.%3Cwbr%3EThey%20send%20false%20e-mails%20by%20impersonating%20as%20official%20authorities%20such%20as%20the%20Federal%20Office%20of%20Public%20Health%20(FOPH)%20with%20the%20aim%20of%20spreading%20malware%20or%20obtaining%20personal%20information.%3Cwbr%3ESimilar%20cases%20have%20been%20reported%20by%20telephone.%3Cwbr%3EWe%20ask%20you%20to%20delete%20such%20e-mail%20messages%20or%20to%20ignore%20telephone%20calls.&lang=en-ru&format=html&options=2&
Requested by
Host: yastatic.net
URL: https://yastatic.net/s3/translate/v21.27.1/dist/scripts/addons/tr_page.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::194 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8496da3936119eb9184cfa540a650073a12bb79bb2c18bc6ddda9abfa0040569
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://z5h64q92x9.net
date
Tue, 14 Dec 2021 12:31:39 GMT
cache-control
no-store
x-content-type-options
nosniff
content-length
1260
content-type
application/json; charset=utf-8
*
yandex.ru/clck/click/dtype=stred/pid=453/cid=74096/ytr_counter_name=url_translation_time/ytr_time=103/ytr_error=0/ytr_counter=2/ytr_host=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_lang=en... 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/clck/click/dtype=stred/pid=453/cid=74096/ytr_counter_name=url_translation_time/ytr_time=103/ytr_error=0/ytr_counter=2/ytr_host=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_lang=en-ru/ytr_url=https%3A%2F%2Fwww.icorner.ch%2Fcop-ch%2F%3Flogin/ytr_sid=ba3d9eb6.61b88ea8.a91536e0.74722d75726c/ytr_srv=tr-url/ytr_ver=v21.27.1/ytr_dir=en-ru/ytr_cur_ts=1639485099166/ytr_ui_type=desktop/ytr_is_turbo=1/path=web_desktop.url/*
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length
43
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.icorner.ch
URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/Roboto-Regular.ttf
Domain
www.icorner.ch
URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.woff2?dlh8e9
Domain
www.icorner.ch
URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.ttf?dlh8e9
Domain
www.icorner.ch
URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.woff?dlh8e9

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Cornèr Bank (Banking)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| __core-js_shared__ object| core object| yt object| globalparameters function| $ function| jQuery function| moment object| bootstrap boolean| validDate boolean| futureDate object| dateNow number| currentYear function| messagePan function| messageCreditnumberValid function| messageCreditnumberInvalid function| messageBirthday function| messageBirthdayMustBe function| messageMonthInvalid function| messageDayInvalid function| messageDateInvalid function| messageDateNotInTheFuture function| messagePasswordMatch function| messagePasswordNotMatch function| messagePasswordIsStrong function| messagePasswordIsNotStrong function| messageBankFooter function| clean function| transl8 object| translation_data function| overlayTitle function| overlayMessage function| initTurboPageApp

1 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: misNSNIvbPZt6yeYW/vmcV5e+2BWSlDAJW84DwDN8z8wZbBENHJt540q9VWE7BCmjeGlIOUB6sIAURcyn5J5wnaAqI0=

10 Console Messages

Source Level URL
Text
javascript error URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Message:
Access to font at 'https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/Roboto-Regular.ttf' from origin 'https://z5h64q92x9.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/Roboto-Regular.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Message:
Access to font at 'https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.woff2?dlh8e9' from origin 'https://z5h64q92x9.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.woff2?dlh8e9
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Message:
Access to font at 'https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.ttf?dlh8e9' from origin 'https://z5h64q92x9.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.ttf?dlh8e9
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Message:
Access to font at 'https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.woff?dlh8e9' from origin 'https://z5h64q92x9.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.woff?dlh8e9
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Message:
A preload for 'https://yastatic.net/s3/translate/v21.27.1/dist/scripts/bundles/turbo.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript warning URL: https://z5h64q92x9.net/proxy_u/en-ru.ru.d91b28ca-61b880b5-080596ea-74722d776562/https/www.icorner.ch/cop-ch/?login
Message:
The resource https://yastatic.net/s3/translate/v21.27.1/dist/scripts/bundles/turbo.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

translate.yandex.net
www.icorner.ch
yandex.ru
yastatic.net
z5h64q92x9.net
www.icorner.ch
194.11.213.191
2a02:6b8:20::215
2a02:6b8::194
2a02:6b8::1:193
2a02:6b8:a::a
049bdf6dc57a3d1c9c8ef9ef365a6f4a9d6578eb3575158689ca50470f7bd52d
15c387db3a79471b99574c203f5d38620723a2c611b2c0e31c05336efd96d04d
1629ec5904e3c812dbc09fda9276b81830cc2f38c89716035f72e171af54cbcb
1c6283fafd793ca03e608582aa9f99439996ab01ac1a43f985201b8ddce4f721
2532477e8d513907453281875c0094b15c2de4f140f4a009b93cc870d58c7ebe
2744bb90ae4883ee0d7ef093c28238eb90d4e18e87c6e7f5fafe3f97a490f71e
29f96874bd53736f243f7d529a63ae9521ee5198b517d9ec41f74700f98c95fe
387a5eb25ad92e9da8b48aad6a7545ead0f5f3377b8b267c5814ae0f3ea8705c
4b58dfa9c08da7011544d09166e6de38c3998e09193872cea7061d0e03c08055
4b627c3bfe0e6e2e25cc86b5dcbab31fdb2ca9b802f7d2e3af81840ed749e9ac
5168ba395afb3dfed1e5c4cff8b0fbac7eb25783aef7006d66427a7ce0c53634
5618cf16a1aa54e9fd30e8a335ad7ea4856f24bda1b9dc41eb44b6a0c579dccb
5ab136ccd5b4160256a3f7958e319df9af8a519c1ad1f97c14051685a8faba63
5c7a99b43c1be7d66d5bdad96ba3d8eb997b46b525d6c68180d37ef641faa4cd
6170df478a4154d17e3050db5719e4b8066cb4bcd03e99dec7e640fdf019ac9b
6a547cea69e8f714a913b8a2dbc490c481c29487f2fbb40490ae7eaedf6c5f2b
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6d407ddc4b8a8ee27aa947c4ccc1a3fea37795c587d44fa40dba6fd24cbcc5b1
7a7fb68c89146069529ebdacb8728a30cd346c7ee372461b95ca52be3736be1a
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
8496da3936119eb9184cfa540a650073a12bb79bb2c18bc6ddda9abfa0040569
9ea360aab6dc6f21249c0f0b7954f3c2ffa6f2b0d6bfd340934b9d71de69af6c
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
ae344980cf0ea1a7e9b9a5049890d496118ee84bfa82f968047fdf70203450b9
c2109aa73f3cc71b61b8b05d859b51dfb603584277bcc33451f38e9343959cef
c961216cf8b06f0abd85e6f30cfa59898072805f8274b817e4f2bc14aa338e6b
dc22751b4af1a349fb9e84f9bf177f30f9a1a45f08f9c3e9cf654dadcf9f734c
e02aa7d64496e4e74f5cf9231e6a52246b4ba9685e3e9ab109c0c8fdd0cf9f28
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
ec2921213ea0f4e9ec155e072a06e43ed5abdbcb4846c14e627c17c078ce43e3
ed83a026568e6a025ec78ebefcf3e3209babd0b5ec63ade71fe016bd7b383c73
f25d9df70edcf18f2167d9a4a0325d80c56f6ffa6ef5372bf57083f1a9d5127f
f523f81f5781606f693a492c7524d21e80d754dbe1cc8fbb9e361d3276835f65