Submitted URL: http://dutestcos.esy.es/ma.php
Effective URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Submission: On June 19 via automatic, source phishtank

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 27 HTTP transactions.
The main IP is 195.186.145.195, located in Switzerland and belongs to SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH. The main domain is login.sso.bluewin.ch.
TLS certificate: Issued by SwissSign EV Gold CA 2014 - G22 on March 21st 2018. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: Malicious (Score: 10/100)

  • urlscan - Score: 0
  • phishtank - Score: 10 (URL submitted from phishtank) - phishing

Domain & IP information

IP Address AS Autonomous System
1 1 31.170.167.177 47583 (HOSTINGER-AS)
1 1 213.3.75.34 3303 (SWISSCOM ...)
1 1 195.186.101.188 3303 (SWISSCOM ...)
6 195.186.145.195 60633 (SWISSCOM-...)
7 195.186.196.30 60633 (SWISSCOM-...)
14 195.186.101.189 3303 (SWISSCOM ...)
27 3
Domain
Subdomains
Transfer
29 bluewin.ch
496 KB
1 esy.es
320 B
27 2
Domain Requested by
14 rich-v02.bluewin.ch login.sso.bluewin.ch
rich-v02.bluewin.ch
13 login.sso.bluewin.ch login.sso.bluewin.ch
1 rich.bluewin.ch 1 redirects
1 www.bluewin.ch 1 redirects
1 dutestcos.esy.es 1 redirects
27 5

This site contains links to these domains. Also see Links.

Domain
registration.scl.swisscom.ch
www.swisscom.ch
swisscom.ch
Subject / Issuer | Validity | Valid
login.sso.bluewin.ch / SwissSign EV Gold CA 2014 - G22 | 2018-03-21 - 2020-03-21 | 2 years
rich.bluewin.ch / SwissSign EV Gold CA 2014 - G22 | 2018-02-21 - 2019-02-21 | a year


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i


27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr

Redirect Chain
  • http://dutestcos.esy.es/ma.php
  • https://www.bluewin.ch/fr/email/
  • https://rich.bluewin.ch/cp/applink/sso/ServiceEntry?d=bluewin.ch&l=fr
  • https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
9 KB
3 KB
Document
General
Full URL
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.145.195 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
08a67ebad07be7dbab563aa5d4d52d2e6cfe8846f106bddc6c8718ed3a89eb27

Request headers

Host
login.sso.bluewin.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
57162A684585E12BAD0B6BE61845193C

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Set-Cookie
JSESSIONID=590B7FBB9390604AF277279C0461CC77; Path=/; Secure hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; Path=/
ETag
"0e6c6532a7d3b2c9a5a1d7d022b14d20a"
Content-Type
text/html;charset=ISO-8859-1
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2585
Connection
close

Redirect headers

Server
nginx
Date
Tue, 19 Jun 2018 04:07:09 GMT
Content-Type
text/html;charset=utf-8
Content-Length
0
Connection
keep-alive
Set-Cookie
JSESSIONID=DF898A680582B44A3EE677C3C96EA7A1; Path=/cp; Secure webtoptoken=""; Path=/; Max-Age=0; Expires=Tue, 19-Jun-2018 06:07:09 GMT; HttpOnly; Secure webtopsessionid=4_uhIUQP-1900; Path=/; HttpOnly; Secure WebtopRememberMe=""; Path=/; Max-Age=0; Expires=Tue, 19-Jun-2018 06:07:09 GMT; HttpOnly; Secure pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; Domain=.bluewin.ch; Path=/; HTTPOnly; Secure s=""; path=/; Max-Age=0; domain=.bluewin.ch; HttpOnly
X-Xss-Protection
1; mode=block
X-Frame-Options
sameorigin
X-Dns-Prefetch-Control
off
Strict-Transport-Security
max-age=15768000 ; includeSubDomains
X-Content-Type-Options
nosniff
Cache-Control
no-store
Pragma
no-cache
Expires
0
Location
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Cookie set all-critical.css
/resources/styles
17 KB
7 KB
Stylesheet
General
Full URL
https://login.sso.bluewin.ch/resources/styles/all-critical.css
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.196.30 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
6a402a56b5296e86a5efbeb082e239abc31aa7b1550e32cc1947968fa9faebff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; JSESSIONID=590B7FBB9390604AF277279C0461CC77; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 May 2018 20:36:37 GMT
ETag
"0bb93885233ac01f09c5d33b5442258ce"
Vary
Accept-Encoding
Content-Type
text/css
Set-Cookie
JSESSIONID=B5AB9A0E7913F4638564C9A036B68618; Path=/; Secure hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; Path=/
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
6790
Expires
Tue, 19 Jun 2018 06:53:49 GMT
Cookie set eye-icon.png
/resources/images
389 B
835 B
Image
General
Full URL
https://login.sso.bluewin.ch/resources/images/eye-icon.png
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.196.30 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
0758038f59c63e039cb49019ed372ad4c8c954f29123036519265ab65cc1034d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; JSESSIONID=590B7FBB9390604AF277279C0461CC77; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Tue, 22 May 2018 20:29:08 GMT
ETag
"0dd4c08150c74783d6044747c983a1206"
Content-Type
image/png
Set-Cookie
JSESSIONID=19C89CA6D9325C3ACD9EEAB0C0699ABE; Path=/; Secure hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; Path=/
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
389
Expires
Tue, 19 Jun 2018 06:53:49 GMT
Cookie set critical.js
/resources/scripts
17 KB
7 KB
Script
General
Full URL
https://login.sso.bluewin.ch/resources/scripts/critical.js
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.196.30 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
8390fbc9533f4baba09fc5d92999ce77139e089c02991fd4e006f8ac19f1b9dc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; JSESSIONID=19C89CA6D9325C3ACD9EEAB0C0699ABE
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 May 2018 20:36:37 GMT
ETag
"0255cb71b1abccfa446b1b85c856ca1a6"
Vary
Accept-Encoding
Content-Type
text/javascript
Set-Cookie
JSESSIONID=D3D2356881828EDC446B524CBE097E8C; Path=/; Secure hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; Path=/
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
6521
Expires
Tue, 19 Jun 2018 06:53:49 GMT
Cookie set all.js
/resources/scripts
94 KB
33 KB
Script
General
Full URL
https://login.sso.bluewin.ch/resources/scripts/all.js
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.145.195 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
3a372bd0651f93402cb97fed3e454d84cc31e71ac7b6541134ced03ded3de60f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; JSESSIONID=19C89CA6D9325C3ACD9EEAB0C0699ABE
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 May 2018 20:29:09 GMT
ETag
"09bbd2d0c42ff58ac3c9206495f0e3d30"
Vary
Accept-Encoding
Content-Type
text/javascript
Set-Cookie
JSESSIONID=B5F56E9962E771F7682B2803E307D710; Path=/; Secure hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; Path=/
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
32891
Expires
Tue, 19 Jun 2018 06:53:49 GMT
print.css
/resources/styles
219 B
536 B
Stylesheet
General
Full URL
https://login.sso.bluewin.ch/resources/styles/print.css
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.196.30 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
4209d7e035803482049874ef71331e4765c6e16a1fa522997fb88b74ebc50a64

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; JSESSIONID=19C89CA6D9325C3ACD9EEAB0C0699ABE
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 May 2018 20:36:37 GMT
ETag
"0c649b5adb22e4d2cc58f3add099d8a39"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
193
Expires
Tue, 19 Jun 2018 06:53:49 GMT
login-background-desktop.jpg
/resources/images
31 KB
31 KB
Image
General
Full URL
https://login.sso.bluewin.ch/resources/images/login-background-desktop.jpg
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.145.195 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
15770879ffc00d5472cf644ba5ad657b1b6a7c8cc8718aed0ba9da9042f3d215

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://login.sso.bluewin.ch/resources/styles/all-critical.css
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; JSESSIONID=19C89CA6D9325C3ACD9EEAB0C0699ABE
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.sso.bluewin.ch/resources/styles/all-critical.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Tue, 22 May 2018 20:29:09 GMT
ETag
"0ce4e0ff711d9becc7fb45069dbd3c539"
Content-Type
image/jpeg
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
31489
Expires
Tue, 19 Jun 2018 06:53:49 GMT
Cookie set logo-dark.png
/resources/images
6 KB
6 KB
Image
General
Full URL
https://login.sso.bluewin.ch/resources/images/logo-dark.png
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.196.30 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
e6083646ff7fe2af1088d01c16013a2a204c441d9b7041a5b49b7a1d179659cb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://login.sso.bluewin.ch/resources/styles/all-critical.css
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; JSESSIONID=19C89CA6D9325C3ACD9EEAB0C0699ABE
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.sso.bluewin.ch/resources/styles/all-critical.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Tue, 22 May 2018 20:29:08 GMT
ETag
"04c0e26c06ff754411e520b17a758165f"
Content-Type
image/png
Set-Cookie
JSESSIONID=C35212980097D8A5E57E7FBF03AFEC49; Path=/; Secure hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; Path=/
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
6155
Expires
Tue, 19 Jun 2018 06:53:49 GMT
fonts.css
/resources/styles
885 B
563 B
Stylesheet
General
Full URL
https://login.sso.bluewin.ch/resources/styles/fonts.css
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/resources/scripts/critical.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.196.30 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
234c05a377b8f9ba2a1928071f4b474446567629b506829b059996bcbccebf9f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; JSESSIONID=B5F56E9962E771F7682B2803E307D710
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 May 2018 20:36:37 GMT
ETag
"0f6dcc0201c3b2ac3b89cc4bb98d33a96"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
220
Expires
Tue, 19 Jun 2018 06:53:49 GMT
all.css
/resources/styles
35 KB
18 KB
Stylesheet
General
Full URL
https://login.sso.bluewin.ch/resources/styles/all.css
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.196.30 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
03e0c9f787409a98934d66bdc989e0da008c6651dfc8b6d21aaf491532b9996e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; JSESSIONID=C35212980097D8A5E57E7FBF03AFEC49
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 May 2018 20:36:37 GMT
ETag
"042794360dcbf6de3a0a2b7fafa1624b7"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
18311
Expires
Tue, 19 Jun 2018 06:53:49 GMT
/
rich-v02.bluewin.ch/login/loginbackground/desktop/fr
42 KB
42 KB
Image
General
Full URL
https://rich-v02.bluewin.ch/login/loginbackground/desktop/fr/
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/resources/scripts/critical.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
d3f3312d09059bcadf593c27802c5d1dc32636230b10d001f7f41fc0a05004be

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rich-v02.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Connection
keep-alive
Cache-Control
no-cache
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Wed, 25 Apr 2018 06:49:52 GMT
Server
nginx
ETag
W/"42691-1524638992000"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
42691
/
rich-v02.bluewin.ch/login/loginheader/desktop/fr
3 KB
1 KB
Document
General
Full URL
https://rich-v02.bluewin.ch/login/loginheader/desktop/fr/
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/resources/scripts/all.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
90561489577a581fb6b9228d6029451d1a2020e8680986217e78bb35ba554ad0

Request headers

Host
rich-v02.bluewin.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Accept-Encoding
gzip, deflate
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
57162A684585E12BAD0B6BE61845193C
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr

Response headers

Server
nginx
Date
Tue, 19 Jun 2018 04:07:09 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
close
Content-Language
fr
Content-Encoding
gzip
Vary
Accept-Encoding
/
rich-v02.bluewin.ch/login/logintitle/desktop/fr
945 B
1 KB
Document
General
Full URL
https://rich-v02.bluewin.ch/login/logintitle/desktop/fr/
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/resources/scripts/all.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
2f4c13840d895bb75de8b9cb00a7fe4373bcc7ac439026b5daa5045fec1ae312

Request headers

Host
rich-v02.bluewin.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Accept-Encoding
gzip, deflate
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
57162A684585E12BAD0B6BE61845193C
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr

Response headers

Server
nginx
Date
Tue, 19 Jun 2018 04:07:09 GMT
Content-Type
text/html;charset=utf-8
Content-Length
945
Connection
close
Content-Language
fr
/
rich-v02.bluewin.ch/login/logintext/desktop/fr
2 KB
1 KB
Document
General
Full URL
https://rich-v02.bluewin.ch/login/logintext/desktop/fr/
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/resources/scripts/all.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
82848561911667ed78dd03e1c00b274cf17f7d0242ad1d1761164597aa6c97f3

Request headers

Host
rich-v02.bluewin.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Accept-Encoding
gzip, deflate
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
57162A684585E12BAD0B6BE61845193C
Referer
https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr

Response headers

Server
nginx
Date
Tue, 19 Jun 2018 04:07:09 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
close
Content-Language
fr
Content-Encoding
gzip
Vary
Accept-Encoding
Cookie set swisscom-icons-webfont.woff
/resources/fonts
3 KB
3 KB
Font
General
Full URL
https://login.sso.bluewin.ch/resources/fonts/swisscom-icons-webfont.woff
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.145.195 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
f545fc5809bb65465e0c6b2cf064454647c2eba433993e805ca39cd440db3ab3

Request headers

Pragma
no-cache
Origin
https://login.sso.bluewin.ch
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://login.sso.bluewin.ch/resources/styles/fonts.css
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; JSESSIONID=C35212980097D8A5E57E7FBF03AFEC49
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://login.sso.bluewin.ch/resources/styles/fonts.css
Origin
https://login.sso.bluewin.ch

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Tue, 22 May 2018 20:36:37 GMT
ETag
"06e51761897156369b4bf1806881cda89"
Content-Type
text/plain
Set-Cookie
JSESSIONID=5476878679FD8AA5C0AFE879E5CD1FC2; Path=/; Secure hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; Path=/
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
2884
Expires
Tue, 19 Jun 2018 06:53:49 GMT
Cookie set TheSaB3_.woff
/resources/fonts
52 KB
53 KB
Font
General
Full URL
https://login.sso.bluewin.ch/resources/fonts/TheSaB3_.woff
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.145.195 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
a96f3caaa455ba144791f5147bf2e26eac376cf7180c78965f6bf7dca548bd91

Request headers

Pragma
no-cache
Origin
https://login.sso.bluewin.ch
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://login.sso.bluewin.ch/resources/styles/fonts.css
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; JSESSIONID=C35212980097D8A5E57E7FBF03AFEC49
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Tue, 22 May 2018 20:36:37 GMT
ETag
"04d511ad8bbf7bbd20240d3aa1472e5a0"
Content-Type
text/plain
Set-Cookie
JSESSIONID=728B06032D24565659BCACB2C72C4F6A; Path=/; Secure
hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; Path=/
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
53748
Expires
Tue, 19 Jun 2018 06:53:49 GMT
TheSaB5_.woff
/resources/fonts
54 KB
54 KB
Font
General
Full URL
https://login.sso.bluewin.ch/resources/fonts/TheSaB5_.woff
Requested by
Host: login.sso.bluewin.ch
URL: https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.186.145.195 , Switzerland, ASN60633 (SWISSCOM-MPLS-TRANSIT Swisscom MPLS/VPN Transit Network, CH),
Reverse DNS
Software
/
Resource Hash
96200c1996dae4076da631edc948ae2f347ea10677c3e2eb9e0eb140451abc27

Request headers

Pragma
no-cache
Origin
https://login.sso.bluewin.ch
Accept-Encoding
gzip, deflate
Host
login.sso.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://login.sso.bluewin.ch/resources/styles/fonts.css
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281; hazelcast.sessionId=HZD2F6BB3B65EC4684B9DE8A24EABFAD5B; JSESSIONID=C35212980097D8A5E57E7FBF03AFEC49
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Tue, 22 May 2018 20:29:09 GMT
ETag
"0fe88fffd34773186469aa781b04b22b5"
Content-Type
text/plain
Cache-Control
max-age=10000, must-revalidate
Connection
close
Content-Length
54992
Expires
Tue, 19 Jun 2018 06:53:49 GMT
TheSaB3_.woff (Cookie set)
rich-v02.bluewin.ch/cp/swisscom/fonts
57 KB
57 KB
Font
General
Full URL
https://rich-v02.bluewin.ch/cp/swisscom/fonts/TheSaB3_.woff
Requested by
Host: rich-v02.bluewin.ch
URL: https://rich-v02.bluewin.ch/login/logintitle/desktop/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
7bfc22552add9ba5d4fc484d2b856b9a9cde093c96ec8ad9665f47d85f2bd4c8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://rich-v02.bluewin.ch
Accept-Encoding
gzip, deflate
Host
rich-v02.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://rich-v02.bluewin.ch/login/logintitle/desktop/fr/
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2018 13:28:14 GMT
Server
nginx
X-Frame-Options
sameorigin
ETag
W/"58351-1526995694000"
Strict-Transport-Security
max-age=15768000 ; includeSubDomains
Set-Cookie
JSESSIONID=730D308B8BAD8179BF02D08D38A420D2; Path=/cp; Secure
Connection
close
Accept-Ranges
bytes
X-Dns-Prefetch-Control
off
Content-Length
58351
X-Xss-Protection
1; mode=block
webmail.png
rich-v02.bluewin.ch/login/images
2 KB
2 KB
Image
General
Full URL
https://rich-v02.bluewin.ch/login/images/webmail.png
Requested by
Host: rich-v02.bluewin.ch
URL: https://rich-v02.bluewin.ch/login/logintext/desktop/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
97354e5862ff041b9e7c3bfae603eb9b9fbcdb6f51b2840cbb96a91dedffb64e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rich-v02.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://rich-v02.bluewin.ch/login/logintext/desktop/fr/
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Wed, 25 Apr 2018 06:49:52 GMT
Server
nginx
ETag
W/"2057-1524638992000"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2057
TheSaB3_.woff (Cookie set)
rich-v02.bluewin.ch/cp/swisscom/fonts
57 KB
57 KB
Font
General
Full URL
https://rich-v02.bluewin.ch/cp/swisscom/fonts/TheSaB3_.woff
Requested by
Host: rich-v02.bluewin.ch
URL: https://rich-v02.bluewin.ch/login/logintext/desktop/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
7bfc22552add9ba5d4fc484d2b856b9a9cde093c96ec8ad9665f47d85f2bd4c8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://rich-v02.bluewin.ch
Accept-Encoding
gzip, deflate
Host
rich-v02.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://rich-v02.bluewin.ch/login/logintext/desktop/fr/
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2018 13:28:14 GMT
Server
nginx
X-Frame-Options
sameorigin
ETag
W/"58351-1526995694000"
Strict-Transport-Security
max-age=15768000 ; includeSubDomains
Set-Cookie
JSESSIONID=75EA0E56587560227FD366D1552E1211; Path=/cp; Secure
Connection
close
Accept-Ranges
bytes
X-Dns-Prefetch-Control
off
Content-Length
58351
X-Xss-Protection
1; mode=block
TheSaB5_.woff (Cookie set)
rich-v02.bluewin.ch/cp/swisscom/fonts
54 KB
54 KB
Font
General
Full URL
https://rich-v02.bluewin.ch/cp/swisscom/fonts/TheSaB5_.woff
Requested by
Host: rich-v02.bluewin.ch
URL: https://rich-v02.bluewin.ch/login/logintext/desktop/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
0e657fef479029daa2b6f88f038a7d507679edc2c278f68a9df4a783f482d18e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://rich-v02.bluewin.ch
Accept-Encoding
gzip, deflate
Host
rich-v02.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://rich-v02.bluewin.ch/login/logintext/desktop/fr/
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2018 13:28:14 GMT
Server
nginx
X-Frame-Options
sameorigin
ETag
W/"55165-1526995694000"
Strict-Transport-Security
max-age=15768000 ; includeSubDomains
Set-Cookie
JSESSIONID=85942B9B7E59ACF01B712D68A8079B22; Path=/cp; Secure
Connection
close
Accept-Ranges
bytes
X-Dns-Prefetch-Control
off
Content-Length
55165
X-Xss-Protection
1; mode=block
toolbar1.6.css
rich-v02.bluewin.ch/login/css
5 KB
2 KB
Stylesheet
General
Full URL
https://rich-v02.bluewin.ch/login/css/toolbar1.6.css
Requested by
Host: rich-v02.bluewin.ch
URL: https://rich-v02.bluewin.ch/login/loginheader/desktop/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
4632f8ce9e2d3ed4d97f3cac08daacf9f743f3ce43d1cb5a5a832e7e900be1ab

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rich-v02.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://rich-v02.bluewin.ch/login/loginheader/desktop/fr/
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Apr 2018 06:49:58 GMT
Server
nginx
ETag
W/"5146-1524638998000"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
close
Accept-Ranges
bytes
mycloud_14x14_weiss.png
rich-v02.bluewin.ch/login/images
1 KB
1 KB
Image
General
Full URL
https://rich-v02.bluewin.ch/login/images/mycloud_14x14_weiss.png
Requested by
Host: rich-v02.bluewin.ch
URL: https://rich-v02.bluewin.ch/login/loginheader/desktop/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
d8c15e96d9d373d3427042bbf3f8caf2f71e8055a27097369c41265f1dc46fd9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rich-v02.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://rich-v02.bluewin.ch/login/loginheader/desktop/fr/
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Wed, 25 Apr 2018 06:49:52 GMT
Server
nginx
ETag
W/"1106-1524638992000"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
1106
bg.png
rich-v02.bluewin.ch/login/images
132 B
365 B
Image
General
Full URL
https://rich-v02.bluewin.ch/login/images/bg.png
Requested by
Host: rich-v02.bluewin.ch
URL: https://rich-v02.bluewin.ch/login/loginheader/desktop/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
e3c5a80a8b460c2459d511abaa6270e29b68cd2d3594085be733681bf7f5f506

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rich-v02.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://rich-v02.bluewin.ch/login/css/toolbar1.6.css
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Wed, 25 Apr 2018 06:49:52 GMT
Server
nginx
ETag
W/"132-1524638992000"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
132
divider.png
rich-v02.bluewin.ch/login/images
155 B
388 B
Image
General
Full URL
https://rich-v02.bluewin.ch/login/images/divider.png
Requested by
Host: rich-v02.bluewin.ch
URL: https://rich-v02.bluewin.ch/login/loginheader/desktop/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
31fc224c96f781be290a7a7dc0a84073068315e78d81da3909affc58aa5b394a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rich-v02.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://rich-v02.bluewin.ch/login/css/toolbar1.6.css
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Wed, 25 Apr 2018 06:49:52 GMT
Server
nginx
ETag
W/"155-1524638992000"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
155
TheSaB5_.woff
rich-v02.bluewin.ch/cp/swisscom/fonts
54 KB
54 KB
Font
General
Full URL
https://rich-v02.bluewin.ch/cp/swisscom/fonts/TheSaB5_.woff
Requested by
Host: rich-v02.bluewin.ch
URL: https://rich-v02.bluewin.ch/login/loginheader/desktop/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
0e657fef479029daa2b6f88f038a7d507679edc2c278f68a9df4a783f482d18e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://rich-v02.bluewin.ch
Accept-Encoding
gzip, deflate
Host
rich-v02.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://rich-v02.bluewin.ch/login/css/toolbar1.6.css
Cookie
JSESSIONID=85942B9B7E59ACF01B712D68A8079B22; pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 May 2018 13:28:14 GMT
Server
nginx
ETag
W/"55165-1526995694000"
X-Frame-Options
sameorigin
Connection
close
Strict-Transport-Security
max-age=15768000 ; includeSubDomains
Accept-Ranges
bytes
X-Dns-Prefetch-Control
off
Content-Length
55165
X-Xss-Protection
1; mode=block
ScsIcon.woff
rich-v02.bluewin.ch/login/fonts
3 KB
3 KB
Font
General
Full URL
https://rich-v02.bluewin.ch/login/fonts/ScsIcon.woff
Requested by
Host: rich-v02.bluewin.ch
URL: https://rich-v02.bluewin.ch/login/loginheader/desktop/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.186.101.189 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
nginx /
Resource Hash
525f0ee588125430ea28afc8d82f1240c262b1e6ce0936c86eeb1379c419da0e

Request headers

Pragma
no-cache
Origin
https://rich-v02.bluewin.ch
Accept-Encoding
gzip, deflate
Host
rich-v02.bluewin.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://rich-v02.bluewin.ch/login/css/toolbar1.6.css
Cookie
pscbr=vimdzmsp-rich14.bluewin.ch_2823836986052291636281
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 19 Jun 2018 04:07:09 GMT
Last-Modified
Wed, 25 Apr 2018 06:49:52 GMT
Server
nginx
Connection
close
Accept-Ranges
bytes
ETag
W/"2932-1524638992000"
Content-Length
2932

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://dutestcos.esy.es/ma.php
  • https://www.bluewin.ch/fr/email/
  • https://rich.bluewin.ch/cp/applink/sso/ServiceEntry?d=bluewin.ch&l=fr
  • https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v02.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dfr%26m%3Dfalse&L=fr

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| _jsQueue
  • object| WebFontConfig
  • boolean| Ba
  • object| webfont
  • object| WebFont
  • object| PubSub

3 Cookies

Domain/Path Name / Value
login.sso.bluewin.ch/ Name: JSESSIONID
Value: 5476878679FD8AA5C0AFE879E5CD1FC2
login.sso.bluewin.ch/ Name: hazelcast.sessionId
Value: HZD2F6BB3B65EC4684B9DE8A24EABFAD5B
.bluewin.ch/ Name: pscbr
Value: vimdzmsp-rich14.bluewin.ch_2823836986052291636281

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
