pst-bk.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://opencoursa.com/p0stbankde.asp
Effective URL:
https://pst-bk.web.app/
Submission: On May 10 via manual (May 10th 2022, 12:54:47 pm UTC) from DE — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is pst-bk.web.app.
TLS certificate: Issued by GTS CA 1D4 on April 12th 2022. Valid for: 3 months.

This is the only time pst-bk.web.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Postbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	185.215.180.114 185.215.180.114	51167 (CONTABO) (CONTABO)
2	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
13	159.223.4.96 159.223.4.96	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
22	8

1 185.215.180.114 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi748908.contaboserver.net

opencoursa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

pst-bk.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 159.223.4.96 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

devcloud.servehttp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	servehttp.com devcloud.servehttp.com	268 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1250	4 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 574	95 KB
2	web.app pst-bk.web.app	910 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 936	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 341	6 KB
1	opencoursa.com opencoursa.com	336 B
22	7

	Domain	Requested by
13	devcloud.servehttp.com	pst-bk.web.app devcloud.servehttp.com
3	unpkg.com	2 redirects pst-bk.web.app
3	cdn.jsdelivr.net	pst-bk.web.app
2	pst-bk.web.app	cdn.jsdelivr.net
1	code.jquery.com	pst-bk.web.app
1	cdnjs.cloudflare.com	pst-bk.web.app
1	opencoursa.com
22	7

This site contains no links.

Subject Issuer	Validity	Valid
opencoursa.com R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
web.app GTS CA 1D4	`2022-04-12` - `2022-07-11`	3 months	crt.sh
devcloud.servehttp.com R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pst-bk.web.app/
Frame ID: 4018EFDB9C826CBA355D5F7B9CE3F454
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Postbank Banking & Brokerage

Page URL History Show full URLs

https://opencoursa.com/p0stbankde.asp Page URL
https://pst-bk.web.app/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

22
Requests

95 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

1403 kB
Transfer

3065 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://opencoursa.com/p0stbankde.asp Page URL
https://pst-bk.web.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://unpkg.com/http-vue-loader HTTP 302
https://unpkg.com/http-vue-loader@1.4.2 HTTP 302
https://unpkg.com/http-vue-loader@1.4.2/src/httpVueLoader.js

22 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 p0stbankde.asp Show response
opencoursa.com/ 164 B
336 B 217ms
12ms Document
text/html 185.215.180.114
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://opencoursa.com/p0stbankde.asp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.215.180.114 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi748908.contaboserver.net
Software: nginx / PleskLin
Resource Hash: b057ca7e51cac4b7c541abafc9261863c6f81725593b8aa16d9afa6867e6217c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 142
date: Tue, 10 May 2022 12:54:42 GMT
last-modified: Mon, 09 May 2022 09:11:47 GMT
server: nginx
vary: Accept-Encoding
x-accel-version: 0.01
x-cache-status: BYPASS
x-powered-by: PleskLin

GET
H2 200 Primary Request / Show response
pst-bk.web.app/ 2 MB
910 KB 50ms
10ms Document
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pst-bk.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9dc37dbcde90c602fd764a7b1d5c082781a620a40a0d8ac53bf6e6a5a17a7073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://opencoursa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=3600
content-encoding: br
content-length: 931282
content-type: text/html; charset=utf-8
date: Tue, 10 May 2022 12:54:42 GMT
etag: "16782eff4c2bfc26d7622e171fb3c3477577f9901a67e282ca80a5b28de49f23-br"
last-modified: Thu, 05 May 2022 09:34:25 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-hhn4040-HHN
x-timer: S1652187282.124554,VS0,VE4

GET
H/1.1 200
OK KhadmoPush.js Show response
devcloud.servehttp.com/static/ 264 KB
265 KB 144ms
45ms Script
application/javascript 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/static/KhadmoPush.js?v=1.0.0
Requested by: Host: pst-bk.web.app
URL: https://pst-bk.web.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b2fbd06ab6f68e23006205b0b76fbc625d1ccdd455fccd0386250fd4c2b84363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pst-bk.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 12:54:42 GMT
Last-Modified: Thu, 05 May 2022 10:27:11 GMT
ETag: W/"421a6-18093c2627f"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 270758

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.24.0/ 17 KB
6 KB 65ms
31ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.24.0/axios.min.js

Requested by

Host: pst-bk.web.app
URL: https://pst-bk.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://pst-bk.web.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 12:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 954823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5472
timing-allow-origin: *
last-modified: Mon, 25 Oct 2021 18:06:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6176f237-1560"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JgnocXsl7KzpONwFVMjDsIC4kWgynfo%2FBopFdAmKz3gtNw6%2F7aoquGjsHapQqM8kL0ZT041Nw2BNjOk817RNZ1AUW4v8cd8EUulTwnyLCEHI%2FnJlU9k0gVeAOj7dbLsGDR%2FuoFoIkT6IhjPmMp23mzE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7092d331d9878fdc-FRA
expires: Sun, 30 Apr 2023 12:54:42 GMT

GET
H2 200 vue.js Show response
cdn.jsdelivr.net/npm/vue/dist/ 336 KB
91 KB 54ms
28ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue/dist/vue.js

Requested by

Host: pst-bk.web.app
URL: https://pst-bk.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pst-bk.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 12:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12543
x-jsd-version: 2.6.14
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19182-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"53fc9-Jp9Vk24Ybv0rJ6ZZ5HLpQ6vP7ig"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdO3jnCvmIsHWBlsZdT5uaUmzPyzZp9UopP36GlKbbNvqfl7z3z91gkjOkSumwZmHefMAFXdfSvCc54Graz2oEwVfBDE%2BqukQF%2Bm8njN9TzoQCgRsDT17N8k2Cg49MJXDKdadyMXY2iTE1ZyIqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7092d331debe6997-FRA

GET
H2

200

httpVueLoader.js Show response
unpkg.com/http-vue-loader@1.4.2/src/
Redirect Chain

https://unpkg.com/http-vue-loader
https://unpkg.com/http-vue-loader@1.4.2
https://unpkg.com/http-vue-loader@1.4.2/src/httpVueLoader.js

11 KB
3 KB

38ms
37ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/http-vue-loader@1.4.2/src/httpVueLoader.js

Requested by

Host: pst-bk.web.app
URL: https://pst-bk.web.app/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68e795c679590da889387b2a35654e30db0a7621b1813f246cba75a7546fdac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pst-bk.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 12:54:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6474098
fly-request-id: 01FWP2CN3Z74WJS8FH9VNEK7TN-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"2a8c-sh8GhLmH3Tr/3VtzZhqG/Fb1eYY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7092d332698c698b-FRA

Redirect headers

date: Tue, 10 May 2022 12:54:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FK1P4SE89B9R0MP1NSWJ85F3
server: cloudflare
age: 16821703
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /http-vue-loader@1.4.2/src/httpVueLoader.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 7092d3323920698b-FRA
access-control-allow-origin: *

GET
H2 200 vue-loading.min.js Show response
cdn.jsdelivr.net/npm/vue-loading-overlay@3.4.2/dist/ 9 KB
4 KB 47ms
21ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue-loading-overlay@3.4.2/dist/vue-loading.min.js

Requested by

Host: pst-bk.web.app
URL: https://pst-bk.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

131d1ca390a6c78cfc5107889980dbd155184886cc0dd81400478d1330b805fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pst-bk.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 12:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 361853
x-jsd-version: 3.4.2
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19169-FRA, cache-cdg20737-CDG
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2354-0hU+im1j/nlr1zEyQ4ScqJsdF+4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8O2bJ6BtTVTqe9ySQ6A0kfddCN%2FYe8v58TTUc4YKLAIqD1qDuNj5pt3QUEx4vXlXkp2xiYMD5ImWzje40TQFfQ%2BWk%2FA8Gmt5Y%2B7QJi7UkWHijOu%2BRZKYjg0Ti%2Bh0aR4z3tVYkV0pWunTjwQ%2Bk%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7092d331dec06997-FRA

GET
H2 200 vue-loading.css
cdn.jsdelivr.net/npm/vue-loading-overlay@3/dist/ 539 B
620 B 48ms
22ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue-loading-overlay@3/dist/vue-loading.css

Requested by

Host: pst-bk.web.app
URL: https://pst-bk.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

553fc093f4b619f0f355bf89e4d885c25eb88df06997e5a58eb3d11947e0b385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pst-bk.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 12:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 35872
x-jsd-version: 3.4.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19149-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"21b-sKdzUWAyeKqbK/3eZdSw23Y96vQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49O2%2BEP2tRb1p1tpuB%2FkTZGsvPSGMc2pGs0pADzcp%2BENXKSX9HNvP91OQP6VZkmNZGHfsvA%2FfIGl0YuD6SsruYpeDKT1AD96mc5rPI3XY0Lhv8P7fcVwqfWElt%2FIv4wmzV5bahRjvrH1SXJS%2Fbg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7092d331debd6997-FRA

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 68ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: pst-bk.web.app
URL: https://pst-bk.web.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://pst-bk.web.app/
Origin: https://pst-bk.web.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 12:54:42 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1652187282.dop111.am5.t,1652187282.cds319.am5.hn,1652187282.cds007.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

OPTIONS
H/1.1 204
No Content start
devcloud.servehttp.com/api/ 0
0 81ms
37ms Preflight 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/start
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pst-bk.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Tue, 10 May 2022 12:54:42 GMT
Keep-Alive: timeout=5
Vary: Access-Control-Request-Headers

POST
H/1.1 200
OK start Show response
devcloud.servehttp.com/api/ 163 B
542 B 165ms
165ms XHR
application/json 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/start
Requested by: Host: devcloud.servehttp.com
URL: https://devcloud.servehttp.com:2400/static/KhadmoPush.js?v=1.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 2bb21743974adb08098e006cc987afaa9276f78d06b23dca4c80290c1547f2e3

Request headers

Accept: application/json, text/plain, */*
Referer: https://pst-bk.web.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 May 2022 12:54:42 GMT
Connection: keep-alive
ETag: W/"a3-TlUnN+JR1d69FGtzQISf1wKMagE"
Content-Length: 163
Keep-Alive: timeout=5
Content-Type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44a485e43d7c032784496d17e884bdc41683d3ad3d9999287fa848a2f698ac20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe5103f855975085f28d2a255145a386f30d2afe2a1b26fa9943d74b54859b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 612 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 545d99b57daa48a5fd7781e1ace4be2422a069625a8c71924d2a245998755df7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2afc1ff4a798ce317d694abd9ecb5dc5f7e1211f80e3864902c0f6da65746c14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 50 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dba4aed649c01e3a9864ed3313c4b506525c74e107760f113b31dc044a0f452

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 404 svg-icon-sprite.svg
pst-bk.web.app/bundles/@pbs/patternlib_pb/lib/runtime/assets/images/ 0
0 7ms
7ms Other
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pst-bk.web.app/bundles/@pbs/patternlib_pb/lib/runtime/assets/images/svg-icon-sprite.svg

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/vue/dist/vue.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pst-bk.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 05 May 2022 09:34:25 GMT
x-timer: S1652187283.750553,VS0,VE1
etag: "60ea9bd52e0e531bb41f25aaf82a12acc74c49152c69a527e86bc06174632a54"
x-served-by: cache-hhn4040-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
date: Tue, 10 May 2022 12:54:42 GMT
accept-ranges: bytes
content-length: 3930
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 1016 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b46a500fcaaee5c95cbe3ebeb539f6f9a7a14978387f696ab6f092838e9c920

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 48 KB
48 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0392b37cafa1d3eaf5f00c2594df53bea1f7c7059180098d4185a2425d580d1c

Request headers

Referer
Origin: https://pst-bk.web.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 41 KB
41 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33f227be2f5d1077c023bf5bfaa69f4498c74c3771d820ac23e2e2ca2a2bcd0d

Request headers

Referer
Origin: https://pst-bk.web.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: font/woff2

OPTIONS
H/1.1 204
No Content ping
devcloud.servehttp.com/api/ 0
0 19ms
19ms Preflight 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/ping
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pst-bk.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Tue, 10 May 2022 12:54:42 GMT
Keep-Alive: timeout=5
Vary: Access-Control-Request-Headers

OPTIONS
H/1.1 204
No Content event
devcloud.servehttp.com/api/ 0
0 38ms
19ms Preflight 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pst-bk.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Tue, 10 May 2022 12:54:42 GMT
Keep-Alive: timeout=5
Vary: Access-Control-Request-Headers

POST
H/1.1 200
OK ping Show response
devcloud.servehttp.com/api/ 162 B
541 B 175ms
154ms XHR
application/json 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/ping
Requested by: Host: devcloud.servehttp.com
URL: https://devcloud.servehttp.com:2400/static/KhadmoPush.js?v=1.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e944379cc78ff50a1acd9af21d21785c26faf1df84e4c19a587f0775cbe69455

Request headers

Accept: application/json, text/plain, */*
Referer: https://pst-bk.web.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 May 2022 12:54:43 GMT
Connection: keep-alive
ETag: W/"a2-aZvGx+7Sy//+e03EhYpbhmokrSM"
Content-Length: 162
Keep-Alive: timeout=5
Content-Type: application/json; charset=utf-8

POST
H/1.1 200
OK event Show response
devcloud.servehttp.com/api/ 19 B
399 B 34ms
33ms XHR
application/json 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/event
Requested by: Host: devcloud.servehttp.com
URL: https://devcloud.servehttp.com:2400/static/KhadmoPush.js?v=1.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 45bf1038c80c2272984535dbbe5a664e933708fc1bdc6455266f3659b78c0490

Request headers

Accept: application/json, text/plain, */*
Referer: https://pst-bk.web.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 May 2022 12:54:43 GMT
Connection: keep-alive
ETag: W/"13-mu8umX7QQX6QzzZ+64c17ZK3Zno"
Content-Length: 19
Keep-Alive: timeout=5
Content-Type: application/json; charset=utf-8

POST
H/1.1 200
OK ping Show response
devcloud.servehttp.com/api/ 162 B
539 B 139ms
139ms XHR
application/json 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/ping
Requested by: Host: devcloud.servehttp.com
URL: https://devcloud.servehttp.com:2400/static/KhadmoPush.js?v=1.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e944379cc78ff50a1acd9af21d21785c26faf1df84e4c19a587f0775cbe69455

Request headers

Accept: application/json, text/plain, */*
Referer: https://pst-bk.web.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 May 2022 12:54:44 GMT
Connection: keep-alive
ETag: W/"a2-aZvGx+7Sy//+e03EhYpbhmokrSM"
Content-Length: 162
Keep-Alive: timeout=5
Content-Type: application/json; charset=utf-8

OPTIONS
H/1.1 204
No Content ping
devcloud.servehttp.com/api/ 0
0 20ms
19ms Preflight 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/ping
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pst-bk.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Tue, 10 May 2022 12:54:44 GMT
Keep-Alive: timeout=5
Vary: Access-Control-Request-Headers

POST
H/1.1 200
OK ping Show response
devcloud.servehttp.com/api/ 162 B
543 B 140ms
140ms XHR
application/json 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/ping
Requested by: Host: devcloud.servehttp.com
URL: https://devcloud.servehttp.com:2400/static/KhadmoPush.js?v=1.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e944379cc78ff50a1acd9af21d21785c26faf1df84e4c19a587f0775cbe69455

Request headers

Accept: application/json, text/plain, */*
Referer: https://pst-bk.web.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 May 2022 12:54:45 GMT
Connection: keep-alive
ETag: W/"a2-aZvGx+7Sy//+e03EhYpbhmokrSM"
Content-Length: 162
Keep-Alive: timeout=5
Content-Type: application/json; charset=utf-8

OPTIONS
H/1.1 204
No Content ping
devcloud.servehttp.com/api/ 0
0 21ms
20ms Preflight 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/ping
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pst-bk.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Tue, 10 May 2022 12:54:45 GMT
Keep-Alive: timeout=5
Vary: Access-Control-Request-Headers

POST
H/1.1 200
OK ping Show response
devcloud.servehttp.com/api/ 162 B
543 B 148ms
147ms XHR
application/json 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/ping
Requested by: Host: devcloud.servehttp.com
URL: https://devcloud.servehttp.com:2400/static/KhadmoPush.js?v=1.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e944379cc78ff50a1acd9af21d21785c26faf1df84e4c19a587f0775cbe69455

Request headers

Accept: application/json, text/plain, */*
Referer: https://pst-bk.web.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 May 2022 12:54:46 GMT
Connection: keep-alive
ETag: W/"a2-aZvGx+7Sy//+e03EhYpbhmokrSM"
Content-Length: 162
Keep-Alive: timeout=5
Content-Type: application/json; charset=utf-8

OPTIONS
H/1.1 204
No Content ping
devcloud.servehttp.com/api/ 0
0 19ms
19ms Preflight 159.223.4.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://devcloud.servehttp.com:2400/api/ping
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.4.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pst-bk.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Tue, 10 May 2022 12:54:46 GMT
Keep-Alive: timeout=5
Vary: Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Postbank (Banking)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pst-bk.web.app/bundles/@pbs/patternlib_pb/lib/runtime/assets/images/svg-icon-sprite.svg#icon-info Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
devcloud.servehttp.com
opencoursa.com
pst-bk.web.app
unpkg.com
159.223.4.96
185.215.180.114
2001:4de0:ac18::1:a:1a
2606:4700::6810:5714
2606:4700::6810:7caf
2606:4700::6811:190e
2620:0:890::100
0392b37cafa1d3eaf5f00c2594df53bea1f7c7059180098d4185a2425d580d1c
131d1ca390a6c78cfc5107889980dbd155184886cc0dd81400478d1330b805fe
1dba4aed649c01e3a9864ed3313c4b506525c74e107760f113b31dc044a0f452
2afc1ff4a798ce317d694abd9ecb5dc5f7e1211f80e3864902c0f6da65746c14
2b46a500fcaaee5c95cbe3ebeb539f6f9a7a14978387f696ab6f092838e9c920
2bb21743974adb08098e006cc987afaa9276f78d06b23dca4c80290c1547f2e3
33f227be2f5d1077c023bf5bfaa69f4498c74c3771d820ac23e2e2ca2a2bcd0d
44a485e43d7c032784496d17e884bdc41683d3ad3d9999287fa848a2f698ac20
45bf1038c80c2272984535dbbe5a664e933708fc1bdc6455266f3659b78c0490
545d99b57daa48a5fd7781e1ace4be2422a069625a8c71924d2a245998755df7
553fc093f4b619f0f355bf89e4d885c25eb88df06997e5a58eb3d11947e0b385
68e795c679590da889387b2a35654e30db0a7621b1813f246cba75a7546fdac7
69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936
9dc37dbcde90c602fd764a7b1d5c082781a620a40a0d8ac53bf6e6a5a17a7073
aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69
b057ca7e51cac4b7c541abafc9261863c6f81725593b8aa16d9afa6867e6217c
b2fbd06ab6f68e23006205b0b76fbc625d1ccdd455fccd0386250fd4c2b84363
e944379cc78ff50a1acd9af21d21785c26faf1df84e4c19a587f0775cbe69455
fe5103f855975085f28d2a255145a386f30d2afe2a1b26fa9943d74b54859b7b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

pst-bk.web.app Open in urlscan Pro 2620:0:890::100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

95 %HTTPS

71 %IPv6

7 Domains

7 Subdomains

8 IPs

3 Countries

1403 kBTransfer

3065 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pst-bk.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

1403 kB
Transfer

3065 kB
Size

0
Cookies

22 HTTP transactions
8 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!