urlscan.io logo urlscan.io
SecurityTrails logo

nordsepostpaket-8e3b75.ingress-earth.easywp.com Open in urlscan Pro
63.250.43.128  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://i-corngerchag.info/?email=o
Effective URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f51...
Submission: On August 13 via manual from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 27 HTTP transactions. The main IP is 63.250.43.128, located in United States and belongs to NAMECHEAP-NET, US. The main domain is nordsepostpaket-8e3b75.ingress-earth.easywp.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 7th 2021. Valid for: a year.
This is the only time nordsepostpaket-8e3b75.ingress-earth.easywp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Cornèr Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 167.99.242.112 14061 (DIGITALOC...)
1 5 63.250.43.128 22612 (NAMECHEAP...)
18 194.11.213.191 3303 (SWISSCOM ...)
27 4
Domain Requested by
18 www.icorner.ch nordsepostpaket-8e3b75.ingress-earth.easywp.com
www.icorner.ch
5 nordsepostpaket-8e3b75.ingress-earth.easywp.com 1 redirects
1 i-corngerchag.info
27 3

This site contains links to these domains. Also see Links.

Domain
www.ebas.ch
Subject Issuer Validity Valid
*.i-corngerchag.info
R3		 2021-08-11 -
2021-11-09		 3 months crt.sh
*.ingress-earth.easywp.com
Sectigo RSA Domain Validation Secure Server CA		 2021-04-07 -
2022-04-07		 a year crt.sh
www.icorner.ch
DigiCert ECC Extended Validation Server CA		 2020-07-24 -
2022-07-29		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Frame ID: D2C41C75214A36FCCFA07D38FAFD37AB
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://i-corngerchag.info/?email=o Page URL
  2. https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/maildirect/ Page URL
  3. https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/?acs=100000012032 Page URL
  4. https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/?pwd=251219 HTTP 302
    https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/index.php?NAME_PATH=track_yy_dl24&SCREEN=identification_... Page URL
  5. https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104e... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^Netlify/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

27
Requests

85 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

385 kB
Transfer

503 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://i-corngerchag.info/?email=o Page URL
  2. https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/maildirect/ Page URL
  3. https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/?acs=100000012032 Page URL
  4. https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/?pwd=251219 HTTP 302
    https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/index.php?NAME_PATH=track_yy_dl24&SCREEN=identification_contrat_paiement Page URL
  5. https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/?pwd=251219 HTTP 302
  • https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/index.php?NAME_PATH=track_yy_dl24&SCREEN=identification_contrat_paiement

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
i-corngerchag.info/ 		195 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i-corngerchag.info/?email=o
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
d62aba99246ec99d2066d408df096955a5a4b5127de1e14b3af2c1f0b5daf5d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
i-corngerchag.info
:scheme
https
:path
/?email=o
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
public, max-age=0, must-revalidate
content-length
195
content-type
text/html; charset=UTF-8
date
Thu, 12 Aug 2021 15:37:40 GMT
etag
"62230a53e5efd83e1b1cac53ceec82d8-ssl"
strict-transport-security
max-age=31536000
x-nf-request-id
01FCZBFZKY2RTGHF3XXVZT0F15
server
Netlify
age
62193
/
nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/maildirect/ 		155 B
454 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/maildirect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-earth.easywp.com
Software
nginx /
Resource Hash
fe2e00865b308f1f1f7c0c3d4100373a56605a93a7d5708d70f395cd1c0fa895
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
nordsepostpaket-8e3b75.ingress-earth.easywp.com
:scheme
https
:path
/login/maildirect/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://i-corngerchag.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://i-corngerchag.info/

Response headers

server
nginx
date
Fri, 13 Aug 2021 08:54:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
public
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
age
0
x-cache
MISS
accept-ranges
bytes
content-length
143
strict-transport-security
max-age=15768000
/
nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/ 		65 B
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/?acs=100000012032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-earth.easywp.com
Software
nginx /
Resource Hash
351fb1f92bf824ed8926894a535e1888f414b83e493ce14659e2858ac9e5ac1c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
nordsepostpaket-8e3b75.ingress-earth.easywp.com
:scheme
https
:path
/login/?acs=100000012032
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/maildirect/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/maildirect/

Response headers

server
nginx
date
Fri, 13 Aug 2021 08:54:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=vnlv61hut4nk4qv38nhv9mr5nt; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, public
pragma
no-cache
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
age
0
x-cache
MISS
accept-ranges
bytes
content-length
85
strict-transport-security
max-age=15768000
index.php
nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/
Redirect Chain
  • https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/?pwd=251219
  • https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/index.php?NAME_PATH=track_yy_dl24&SCREEN=identification_contrat_paiement
226 B
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/index.php?NAME_PATH=track_yy_dl24&SCREEN=identification_contrat_paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-earth.easywp.com
Software
nginx /
Resource Hash
84ed653cac59b57698eee7d86e0bd61a18316f4c96883ca656238bc160a108b0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
nordsepostpaket-8e3b75.ingress-earth.easywp.com
:scheme
https
:path
/login/cop-ch/secure/index.php?NAME_PATH=track_yy_dl24&SCREEN=identification_contrat_paiement
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/?acs=100000012032
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=vnlv61hut4nk4qv38nhv9mr5nt
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/?acs=100000012032

Response headers

server
nginx
date
Fri, 13 Aug 2021 08:54:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
public
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
age
0
x-cache
MISS
accept-ranges
bytes
strict-transport-security
max-age=15768000

Redirect headers

server
nginx
date
Fri, 13 Aug 2021 08:54:11 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, public
pragma
no-cache
location
./secure/index.php?NAME_PATH=track_yy_dl24&SCREEN=identification_contrat_paiement
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
age
0
x-cache
MISS
content-length
0
strict-transport-security
max-age=15768000
Primary Request login.html
nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/ 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.128 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-earth.easywp.com
Software
nginx /
Resource Hash
86beb92550a450db2760b99dfcd37d3bc906b4ff1c1e293329db289fc372c076
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
nordsepostpaket-8e3b75.ingress-earth.easywp.com
:scheme
https
:path
/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/index.php?NAME_PATH=track_yy_dl24&SCREEN=identification_contrat_paiement
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=vnlv61hut4nk4qv38nhv9mr5nt
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/index.php?NAME_PATH=track_yy_dl24&SCREEN=identification_contrat_paiement

Response headers

server
nginx
date
Fri, 13 Aug 2021 08:54:12 GMT
content-type
text/html
last-modified
Thu, 12 Aug 2021 15:24:58 GMT
vary
Accept-Encoding
etag
W/"61153d4a-25b2"
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
public
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
age
0
x-cache
MISS
accept-ranges
bytes
strict-transport-security
max-age=15768000
bootstrap.min.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		150 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/bootstrap.min.css
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=10
Expires
Fri, 13 Aug 2021 09:04:46 GMT
sticky-footer-navbar.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		517 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/sticky-footer-navbar.css
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
049bdf6dc57a3d1c9c8ef9ef365a6f4a9d6578eb3575158689ca50470f7bd52d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
517
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=10
Expires
Fri, 13 Aug 2021 09:04:46 GMT
default.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/default.css
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
1629ec5904e3c812dbc09fda9276b81830cc2f38c89716035f72e171af54cbcb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
3173
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=10
Expires
Fri, 13 Aug 2021 09:04:46 GMT
icons.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/icons.css
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
5168ba395afb3dfed1e5c4cff8b0fbac7eb25783aef7006d66427a7ce0c53634
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
514
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=10
Expires
Fri, 13 Aug 2021 09:04:46 GMT
ie7.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		761 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ie7.css
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
6a547cea69e8f714a913b8a2dbc490c481c29487f2fbb40490ae7eaedf6c5f2b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
761
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=10
Expires
Fri, 13 Aug 2021 09:04:46 GMT
jquery-3.3.1.min.js
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		85 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/jquery-3.3.1.min.js
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=10
Content-Length
86926
X-XSS-Protection
1; mode=block
Expires
Fri, 13 Aug 2021 09:04:46 GMT
jquery.inputmasked.js
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/jquery.inputmasked.js
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
1c6283fafd793ca03e608582aa9f99439996ab01ac1a43f985201b8ddce4f721
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=9
Content-Length
10418
X-XSS-Protection
1; mode=block
Expires
Fri, 13 Aug 2021 09:04:46 GMT
jquery.cookie.js
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/jquery.cookie.js
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
29f96874bd53736f243f7d529a63ae9521ee5198b517d9ec41f74700f98c95fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=9
Content-Length
3697
X-XSS-Protection
1; mode=block
Expires
Fri, 13 Aug 2021 09:04:46 GMT
momentjs.js
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		146 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/momentjs.js
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
e02aa7d64496e4e74f5cf9231e6a52246b4ba9685e3e9ab109c0c8fdd0cf9f28
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=9
Content-Length
148999
X-XSS-Protection
1; mode=block
Expires
Fri, 13 Aug 2021 09:04:46 GMT
bootstrap.min.js
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		54 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/bootstrap.min.js
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=9
Content-Length
55775
X-XSS-Protection
1; mode=block
Expires
Fri, 13 Aug 2021 09:04:46 GMT
validation.js
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/validation.js
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
15c387db3a79471b99574c203f5d38620723a2c611b2c0e31c05336efd96d04d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=9
Content-Length
10882
X-XSS-Protection
1; mode=block
Expires
Fri, 13 Aug 2021 09:04:46 GMT
common-translation.js
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		963 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/common-translation.js
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
f25d9df70edcf18f2167d9a4a0325d80c56f6ffa6ef5372bf57083f1a9d5127f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
963
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=8
Expires
Fri, 13 Aug 2021 09:04:46 GMT
default.js
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		342 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/default.js
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
ec2921213ea0f4e9ec155e072a06e43ed5abdbcb4846c14e627c17c078ce43e3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
342
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=8
Expires
Fri, 13 Aug 2021 09:04:46 GMT
logo.svg
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		11 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/logo.svg
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
c2109aa73f3cc71b61b8b05d859b51dfb603584277bcc33451f38e9343959cef
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:13 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Content-Type
image/svg+xml
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
5251
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=8
Expires
Fri, 13 Aug 2021 09:04:46 GMT
logo_ebas_weiss_de.png
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/logo_ebas_weiss_de.png
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
8a14aa5d7e714a46585e47b03c1090f128c19afb42ccd1ff8676aea30f204d23
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:13 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=7
Content-Length
4857
X-XSS-Protection
1; mode=block
Expires
Fri, 13 Aug 2021 09:04:46 GMT
overlay.css
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		641 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/overlay.css
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
c961216cf8b06f0abd85e6f30cfa59898072805f8274b817e4f2bc14aa338e6b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:13 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
641
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=7
Expires
Fri, 13 Aug 2021 09:04:46 GMT
overlay.js
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/overlay.js
Requested by
Host: nordsepostpaket-8e3b75.ingress-earth.easywp.com
URL: https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/login/cop-ch/secure/login.html?acs=_connect-run&secure=5540zef1415405412104ef151511d7f84f5ze1f510eec8bd0e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
5ab136ccd5b4160256a3f7958e319df9af8a519c1ad1f97c14051685a8faba63
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordsepostpaket-8e3b75.ingress-earth.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:13 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=8
Content-Length
3999
X-XSS-Protection
1; mode=block
Expires
Fri, 13 Aug 2021 09:04:46 GMT
Roboto-Regular.ttf
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		0
0
login.woff2
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		0
0
eye.png
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		776 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/eye.png
Requested by
Host: www.icorner.ch
URL: https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/default.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.213.191 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
f523f81f5781606f693a492c7524d21e80d754dbe1cc8fbb9e361d3276835f65
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' dpm.demdex.net ; img-src 'self' metrics.icorner.ch smetrics.icorner.ch https://*.cornercard.ch data:; font-src 'self' data:; frame-src 'self'; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 13 Aug 2021 08:54:13 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
must-revalidate
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
776
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=6
Expires
Fri, 13 Aug 2021 09:04:46 GMT
login.ttf
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		0
0
login.woff
www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.icorner.ch
URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/Roboto-Regular.ttf
Domain
www.icorner.ch
URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.woff2?dlh8e9
Domain
www.icorner.ch
URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.ttf?dlh8e9
Domain
www.icorner.ch
URL
https://www.icorner.ch/nevislogrend/nevislogrend/applications/www-icorner-ch--realm/webdata/resources/login.woff?dlh8e9

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Cornèr Bank (Banking)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| globalparameters function| $ function| jQuery function| moment object| bootstrap boolean| validDate boolean| futureDate object| dateNow number| currentYear function| messagePan function| messageCreditnumberValid function| messageCreditnumberInvalid function| messageBirthday function| messageBirthdayMustBe function| messageMonthInvalid function| messageDayInvalid function| messageDateInvalid function| messageDateNotInTheFuture function| messagePasswordMatch function| messagePasswordNotMatch function| messagePasswordIsStrong function| messagePasswordIsNotStrong function| messageBankFooter function| clean function| transl8 object| translation_data function| overlayTitle function| overlayMessage

1 Cookies

Domain/Path Name / Value
nordsepostpaket-8e3b75.ingress-earth.easywp.com/ Name: PHPSESSID
Value: vnlv61hut4nk4qv38nhv9mr5nt

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i-corngerchag.info
nordsepostpaket-8e3b75.ingress-earth.easywp.com
www.icorner.ch
www.icorner.ch
167.99.242.112
194.11.213.191
63.250.43.128
049bdf6dc57a3d1c9c8ef9ef365a6f4a9d6578eb3575158689ca50470f7bd52d
15c387db3a79471b99574c203f5d38620723a2c611b2c0e31c05336efd96d04d
1629ec5904e3c812dbc09fda9276b81830cc2f38c89716035f72e171af54cbcb
1c6283fafd793ca03e608582aa9f99439996ab01ac1a43f985201b8ddce4f721
29f96874bd53736f243f7d529a63ae9521ee5198b517d9ec41f74700f98c95fe
351fb1f92bf824ed8926894a535e1888f414b83e493ce14659e2858ac9e5ac1c
5168ba395afb3dfed1e5c4cff8b0fbac7eb25783aef7006d66427a7ce0c53634
5ab136ccd5b4160256a3f7958e319df9af8a519c1ad1f97c14051685a8faba63
6a547cea69e8f714a913b8a2dbc490c481c29487f2fbb40490ae7eaedf6c5f2b
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
84ed653cac59b57698eee7d86e0bd61a18316f4c96883ca656238bc160a108b0
86beb92550a450db2760b99dfcd37d3bc906b4ff1c1e293329db289fc372c076
8a14aa5d7e714a46585e47b03c1090f128c19afb42ccd1ff8676aea30f204d23
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
c2109aa73f3cc71b61b8b05d859b51dfb603584277bcc33451f38e9343959cef
c961216cf8b06f0abd85e6f30cfa59898072805f8274b817e4f2bc14aa338e6b
d62aba99246ec99d2066d408df096955a5a4b5127de1e14b3af2c1f0b5daf5d1
e02aa7d64496e4e74f5cf9231e6a52246b4ba9685e3e9ab109c0c8fdd0cf9f28
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
ec2921213ea0f4e9ec155e072a06e43ed5abdbcb4846c14e627c17c078ce43e3
f25d9df70edcf18f2167d9a4a0325d80c56f6ffa6ef5372bf57083f1a9d5127f
f523f81f5781606f693a492c7524d21e80d754dbe1cc8fbb9e361d3276835f65
fe2e00865b308f1f1f7c0c3d4100373a56605a93a7d5708d70f395cd1c0fa895