urlscan.io logo urlscan.io
SecurityTrails logo

portal.s21sec.com Open in urlscan Pro
34.111.165.252  Public Scan

Go To Rescan Add Verdict Report
URL: https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Submission: On April 08 via api from PT — Scanned from PT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 24 HTTP transactions. The main IP is 34.111.165.252, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is portal.s21sec.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 2nd 2023. Valid for: a year.
This is the only time portal.s21sec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 34.111.165.252 396982 (GOOGLE-CL...)
2 88.84.64.8 15830 (EQUINIX)
24 2
Apex Domain
Subdomains		 Transfer
24 s21sec.com
portal.s21sec.com
api.s21sec.com
3 MB
24 1
Domain Requested by
22 portal.s21sec.com portal.s21sec.com
2 api.s21sec.com portal.s21sec.com
24 2

This site contains links to these domains. Also see Links.

Domain
www.s21sec.com
Subject Issuer Validity Valid
portal.s21sec.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-02 -
2024-10-01		 a year crt.sh
api.s21sec.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-02 -
2024-10-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Frame ID: D086B83E66D6E114570DFFAD17075E6A
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

S21 Customer MSS Portal

Page URL History Show full URLs

  1. https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatt... Page URL
  2. https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatt... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]+href="[^>]*bootstrap-table(?:\.min)?\.css

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

3048 kB
Transfer

9615 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/ Page URL
  2. https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/ 		572 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
b4f10d7ecb8fa3ac32d37d28974e580e420a59013f63fe6e5633d076cfc0db4a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
pt-PT,pt;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
clear
cache-control
no-cache
content-type
text/html; charset=utf-8
date
Mon, 08 Apr 2024 15:15:12 GMT
expires
Thu, 01 Aug 1978 00:01:48 GMT
server
openresty
via
1.1 google
kramericaindustries.ac.lib.js
portal.s21sec.com/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/kramericaindustries.ac.lib.js
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
ae445fbd2829b45f50ea9105d0907b57515ca958b05b9deea71ecf6665292825

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 08 Apr 2024 00:06:14 GMT
server
openresty
etag
W/"661334f6-a5a6"
vary
Accept-Encoding
content-type
application/javascript
alt-svc
clear
vArdx0YfehvMkUinmxWEny8WUn8HRBRj
portal.s21sec.com/7060ac19f50208cbb6b45328ef94140a612ee92387e015594234077b4d1e64f1/ 		3 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/7060ac19f50208cbb6b45328ef94140a612ee92387e015594234077b4d1e64f1/vArdx0YfehvMkUinmxWEny8WUn8HRBRj
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/kramericaindustries.ac.lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
x-zebra-2wLGYLw6
MzAwMWI1OTE3OTJhOTQ3N2Y1YmQzOTQxMWNmM2M4MmY2ZTUzMjk0NzskKGhhc2gpO194Y2FsYyhhcmd1bWVudHMuY2FsbGUpOzA7JChoYXNoKTtfeGNhbGMoYXJndW1lbnRzLmNhbGxlKTswOyQoaGFzaCk7X3hjYWxjKGFyZ3VtZW50cy5jYWxsZSk7ZGlzYWJsZWQ7JChoYXNoKTtfeGNhbGMoYXJndW1lbnRzLmNhbGxlKTtocEtxd0JORnhsR3hSTHRPckxsdE5rSFJNMndTclBKa2NzQ0NTZjdTeEFhbFlCZ2ovei9pRmZQNzV2b3Y0N0M0YXBjM0cxS0RSeWxKVzlXaFQzTmhDa2NKbGxDbFlkekxkZFZPTnc2RkxrRWp5aEVYQmhvQVZUZ2JXQ3daRjhOc2hrdVVFbklQOXBjb2hWTEhvazdEblpFbmFtMlZpRk9HVjNBRmdVUUxFZDZYVk16bi9TV1hVUjc5RWF2dUJOSWY0aWx2VlFuR1ZTUHZrdjQyb25EdXp1dzI5cnNMei82RGpZRzFSVFVVQjVVS01QUG5yd24rWDh4aHJXbitjYWs1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
via
1.1 google
server
openresty
alt-svc
clear
content-type
application/octet-stream
/
portal.s21sec.com/8d47-ffc3-0f63-4b3c-c5c9-5699-6d5b-3a1f/d/ 		1 B
49 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/8d47-ffc3-0f63-4b3c-c5c9-5699-6d5b-3a1f/d/
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/kramericaindustries.ac.lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
via
1.1 google
server
openresty
alt-svc
clear
content-type
application/octet-stream
favicon.ico
portal.s21sec.com/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
via
1.1 google
etag
W/"660c23e4-3aee"
vary
Accept-Encoding
content-type
image/x-icon
alt-svc
clear
Primary Request /
portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/kramericaindustries.ac.lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
ff9577d6f76e79481814f34b5462ff4fa1329018311a5bcf917e7a97b0479f73
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
pt-PT,pt;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
clear
content-encoding
gzip
content-type
text/html
date
Mon, 08 Apr 2024 15:15:12 GMT
etag
W/"660c23e4-1031"
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
strict-transport-security
max-age=63072000
vary
Accept-Encoding
via
1.1 google
google-font-roboto.css
portal.s21sec.com/css/ 		9 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/css/google-font-roboto.css?v=36
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
ca59f2f15d160cedf11efc8ffec08f9d40208aa94d5f9149c06053e2d2846c37
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
via
1.1 google
etag
W/"660c23e4-25b3"
vary
Accept-Encoding
content-type
text/css
alt-svc
clear
default-theme.css
portal.s21sec.com/css/ 		311 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/css/default-theme.css?v=36
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
8405518258f8929f583124485f349eaaf4faaf4fa1e51ebd1ca83076fb9d5ad3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
via
1.1 google
etag
W/"660c23e4-4da5b"
vary
Accept-Encoding
content-type
text/css
alt-svc
clear
react-bootstrap-table.min.css
portal.s21sec.com/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/css/react-bootstrap-table.min.css?v=36
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
1d0a3869fefd9e6682809a09a868f0581a4b38b475d3792e3f948675d25a40b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
via
1.1 google
etag
W/"660c23e4-1ee5"
vary
Accept-Encoding
content-type
text/css
alt-svc
clear
Typeahead.min.css
portal.s21sec.com/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/css/Typeahead.min.css?v=36
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
8077aaefb7b656d4d375c8ed68246e68fe3332081a87853e5545fd46a8553e7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
via
1.1 google
etag
W/"660c23e4-1371"
vary
Accept-Encoding
content-type
text/css
alt-svc
clear
popup-aviso.css
portal.s21sec.com/css/ 		2 KB
787 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/css/popup-aviso.css?v=36
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
d5f813b04501ee3f5e342eb816d9c929c88f7a3dc5f4f11952e9980d77f49ce7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
via
1.1 google
etag
W/"660c23e4-86c"
vary
Accept-Encoding
content-type
text/css
alt-svc
clear
multiselect.css
portal.s21sec.com/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/css/multiselect.css?v=36
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
89387c656875a1db1aa47ba1106db1e1ee8b0cac521e7526da7040ec91b85a50
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
strict-transport-security
max-age=63072000
via
1.1 google
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
etag
"660c23e4-4f4"
content-type
text/css
accept-ranges
bytes
alt-svc
clear
content-length
1268
2.3e193ca7.chunk.js
portal.s21sec.com/static/js/ 		5 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/static/js/2.3e193ca7.chunk.js
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
280a0bbf9ef0d5bb3b07e4475f7c5c88fde5119ec7220b6aada7d5ee75dc0347
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
via
1.1 google
etag
W/"660c23e4-53601f"
vary
Accept-Encoding
content-type
application/javascript
alt-svc
clear
main.562e1760.chunk.js
portal.s21sec.com/static/js/ 		3 MB
576 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/static/js/main.562e1760.chunk.js
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
984dfad66a26aabd3aaf2d22394a9a2eb3a3b09b2ffbc7469e0402e1b7c3ef77
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:12 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
via
1.1 google
etag
W/"660c23e4-30b157"
vary
Accept-Encoding
content-type
application/javascript
alt-svc
clear
/
api.s21sec.com/en/auth/token/jwt/verify/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.s21sec.com/en/auth/token/jwt/verify/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.84.64.8 Leganés, Spain, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; connect-src https: wss:
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://portal.s21sec.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://portal.s21sec.com
access-control-max-age
600
content-length
0
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; connect-src https: wss:
content-type
text/html; charset=utf-8
date
Mon, 08 Apr 2024 15:15:14 GMT
referrer-policy
same-origin strict-origin
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains; preload
vary
origin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
api.s21sec.com/en/auth/token/jwt/verify/ 		41 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.s21sec.com/en/auth/token/jwt/verify/
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/static/js/2.3e193ca7.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.84.64.8 Leganés, Spain, ASN15830 (EQUINIX, NL),
Reverse DNS
Software
nginx /
Resource Hash
633b00ff8c48451a6d08c47bdb7b257711893814bbf4000c9683654aaac9f600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
Authorization
JWT null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://portal.s21sec.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:14 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx
x-frame-options
DENY
vary
Accept, origin, Cookie
content-language
en
allow
POST, OPTIONS
access-control-allow-origin
https://portal.s21sec.com
content-type
application/json
content-length
41
x-xss-protection
1; mode=block
audio.svg
portal.s21sec.com/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.s21sec.com/img/audio.svg
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/css/default-theme.css?v=36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
bc99c08e427f963915fd1a48c3abdd823c2a555f9d242d246c0257da0ebf8806
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/css/default-theme.css?v=36
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:14 GMT
strict-transport-security
max-age=63072000
via
1.1 google
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
etag
"660c23e4-564"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
clear
content-length
1380
favicon-32x32.png
portal.s21sec.com/img/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/img/favicon-32x32.png?v=36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
459b3a52533ccac3900b70175c6c667d56f2117172a109febaceb350b218f490
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/threat-intelligence/digital-brand-protection/detail/32420/phishingybersquatting/
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:14 GMT
strict-transport-security
max-age=63072000
via
1.1 google
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
etag
"660c23e4-4a9"
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
1193
s21-thales-logo-white.png
portal.s21sec.com/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.s21sec.com/img/s21-thales-logo-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e53396afb73ca5a48d4492ff1ece45dc834e9cb9258fb1a4019f215c30a8d6ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/login
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:15 GMT
strict-transport-security
max-age=63072000
via
1.1 google
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
etag
"660c23e4-27dd"
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
10205
flag-spain.svg
portal.s21sec.com/img/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.s21sec.com/img/flag-spain.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
79631ff960513b9cab7ae470bc3ba0329e394d08075d0633287874c542203c6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/login
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:15 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
via
1.1 google
etag
W/"660c23e4-10c8"
vary
Accept-Encoding
content-type
image/svg+xml
alt-svc
clear
flag-portugal.svg
portal.s21sec.com/img/ 		2 KB
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.s21sec.com/img/flag-portugal.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
4c8e318a643b55e956282a56c51fdcf1adae7069a333ade3d714882c224c99d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/login
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:15 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
via
1.1 google
etag
W/"660c23e4-765"
vary
Accept-Encoding
content-type
image/svg+xml
alt-svc
clear
favicon-32x32.png
portal.s21sec.com/img/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/img/favicon-32x32.png?v=36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
459b3a52533ccac3900b70175c6c667d56f2117172a109febaceb350b218f490
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/login
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:15 GMT
strict-transport-security
max-age=63072000
via
1.1 google
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
etag
"660c23e4-4a9"
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
1193
login-bg-2023.jpg
portal.s21sec.com/img/ 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.s21sec.com/img/login-bg-2023.jpg
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/css/default-theme.css?v=36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
ef195974286947217a867981c6a3ee92f9c13eb503bf11e82f981459938d3adf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/css/default-theme.css?v=36
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:15 GMT
strict-transport-security
max-age=63072000
via
1.1 google
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
etag
"660c23e4-b89ba"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
clear
content-length
756154
S21sec-CMSSP.ttf
portal.s21sec.com/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.s21sec.com/fonts/S21sec-CMSSP.ttf?u9gbf8
Requested by
Host: portal.s21sec.com
URL: https://portal.s21sec.com/css/default-theme.css?v=36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.165.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.165.111.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
b40a8469dff7393dc74d05bb290eda167438edbc945266c772169a7debac717e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.s21sec.com/css/default-theme.css?v=36
Origin
https://portal.s21sec.com
accept-language
pt-PT,pt;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 15:15:15 GMT
strict-transport-security
max-age=63072000
via
1.1 google
last-modified
Tue, 02 Apr 2024 15:27:32 GMT
server
openresty
etag
"660c23e4-2088"
content-type
application/octet-stream
accept-ranges
bytes
alt-svc
clear
content-length
8328

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonps21sec object| __core-js_shared__ function| BootstrapTable function| TableHeaderColumn function| InsertModalHeader function| InsertModalBody function| InsertModalFooter function| InsertButton function| DeleteButton function| ShowSelectedOnlyButton function| ExportCSVButton function| ClearSearchButton function| SearchField function| ButtonGroup function| SizePerPageDropDown function| saveAs object| regeneratorRuntime function| setImmediate function| clearImmediate object| pdfMake function| isIE function| checkIEAlert function| showNotice function| hideNotice object| specifiedElement

2 Cookies

Domain/Path Name / Value
portal.s21sec.com/ Name: GCLB
Value: CMrb3sKhqteNLBAD
.portal.s21sec.com/ Name: rbzid
Value: gt5pG7rCUawiKSdCAuBUbJVwEmFoDoYWIers3BJdfUnr/ZLutlP+6fRgvTgLJVw5hyW4LVDKCwDO4b0szlQBjg7U58iLX6Omk3RuzU1biGxe+Hcpw5yeoD5UMuQMy7fVheEV1/913865ArvY/mgQ3/Xli0hH6TinuDEuL2h4Hq2gvZfC7wlmZnlMOFBWi7V6OHi6OnM67g7J4EWJ302e/5FFVFihHjtD4cUWs79QnfUcNRWnkQo7jVOVHMcmTQlt

2 Console Messages

Source Level URL
Text
network error URL: https://api.s21sec.com/en/auth/token/jwt/verify/
Message:
Failed to load resource: the server responded with a status of 400 ()
recommendation verbose URL: https://portal.s21sec.com/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.s21sec.com
portal.s21sec.com
34.111.165.252
88.84.64.8
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
1d0a3869fefd9e6682809a09a868f0581a4b38b475d3792e3f948675d25a40b0
280a0bbf9ef0d5bb3b07e4475f7c5c88fde5119ec7220b6aada7d5ee75dc0347
459b3a52533ccac3900b70175c6c667d56f2117172a109febaceb350b218f490
4c8e318a643b55e956282a56c51fdcf1adae7069a333ade3d714882c224c99d7
633b00ff8c48451a6d08c47bdb7b257711893814bbf4000c9683654aaac9f600
79631ff960513b9cab7ae470bc3ba0329e394d08075d0633287874c542203c6c
8077aaefb7b656d4d375c8ed68246e68fe3332081a87853e5545fd46a8553e7b
8405518258f8929f583124485f349eaaf4faaf4fa1e51ebd1ca83076fb9d5ad3
89387c656875a1db1aa47ba1106db1e1ee8b0cac521e7526da7040ec91b85a50
984dfad66a26aabd3aaf2d22394a9a2eb3a3b09b2ffbc7469e0402e1b7c3ef77
ae445fbd2829b45f50ea9105d0907b57515ca958b05b9deea71ecf6665292825
b40a8469dff7393dc74d05bb290eda167438edbc945266c772169a7debac717e
b4f10d7ecb8fa3ac32d37d28974e580e420a59013f63fe6e5633d076cfc0db4a
bc99c08e427f963915fd1a48c3abdd823c2a555f9d242d246c0257da0ebf8806
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca59f2f15d160cedf11efc8ffec08f9d40208aa94d5f9149c06053e2d2846c37
d5f813b04501ee3f5e342eb816d9c929c88f7a3dc5f4f11952e9980d77f49ce7
e53396afb73ca5a48d4492ff1ece45dc834e9cb9258fb1a4019f215c30a8d6ab
ef195974286947217a867981c6a3ee92f9c13eb503bf11e82f981459938d3adf
ff9577d6f76e79481814f34b5462ff4fa1329018311a5bcf917e7a97b0479f73