potspack-ch.xyz Open in urlscan Pro
104.21.32.100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://potspack-ch.xyz/#/?_from=__mail
Effective URL:
https://potspack-ch.xyz/
Submission: On October 09 via api (October 9th 2023, 12:33:26 pm UTC) from JP — Scanned from CH

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 26 HTTP transactions. The main IP is 104.21.32.100, located in and belongs to CLOUDFLARENET, US. The main domain is potspack-ch.xyz.
TLS certificate: Issued by E1 on October 9th 2023. Valid for: 3 months.

This is the only time potspack-ch.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Swiss Post (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
26	104.21.32.100 104.21.32.100		13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	1

26 104.21.32.100 (None, )

ASN13335 (CLOUDFLARENET, US)

potspack-ch.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	potspack-ch.xyz potspack-ch.xyz	2 MB
26	1

	Domain	Requested by
26	potspack-ch.xyz	potspack-ch.xyz
26	1

This site contains no links.

Subject Issuer	Validity	Valid
potspack-ch.xyz E1	`2023-10-09` - `2024-01-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://potspack-ch.xyz/
Frame ID: 96F6C8D4E685BF646E9E7A3A271A0D95
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Meine Sendungen

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2321 kB
Transfer

7614 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response potspack-ch.xyz/	3 KB 2 KB	791ms 204ms	Document text/html	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `809e1f077a95f977f6061aa362127f81a63c28805eab6f9fcbfc2b452e0bf45d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8136a6a918df3755-MXP content-encoding br content-type text/html date Mon, 09 Oct 2023 12:33:15 GMT last-modified Fri, 06 Oct 2023 19:49:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfjJbUrdBpZ95EMj7A2Uyqf7VWAurii1UbALTii%2BPrxakS3zWsxcbo3hUEoUs1IiCPHzpH5WdvPy5blSw8QgRaigpBgGccYESe%2BKeIjDdOEEgDY03cryLVOe7LB16buxZkc%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	XpDTGh7JNe22e38be6.1696621742212.js Show response potspack-ch.xyz/assets/	7 MB 2 MB	77ms 75ms	Script application/javascript	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `19470021856964e9f13369a82716060dcdbb1c2bc648d44c946fc34ea2b8cce2` Request headers Referer https://potspack-ch.xyz/ Origin https://potspack-ch.xyz accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:15 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5528 alt-svc h3=":443"; ma=86400 last-modified Fri, 06 Oct 2023 19:49:42 GMT server cloudflare etag W/"652064d6-6cdeda" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7Nm5bbVFLz1oyPuDYY7nxnlpWnl7rKqLn7SGec2af691935JOIdbzSZf%2BFihizTAWOm04y2DVi1PQqojibQavBkfyB6Sr0r5D7Wu7ZNNmhYCQmNA24MOHBkmcaUY6zYujU%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8136a6aa5a003755-MXP expires Mon, 16 Oct 2023 05:12:42 GMT
GET H2	200	QafjJJQn8Ae055d3f1.1696621742212.css potspack-ch.xyz/assets/	780 B 712 B	65ms 65ms	Stylesheet text/css	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/assets/QafjJJQn8Ae055d3f1.1696621742212.css Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e055d3f119a00ee47c6802612a3dd218ee5425dd73d40fd2f20df34be83c2a0b` Request headers accept-language de-CH,de;q=0.9 Referer https://potspack-ch.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:15 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5528 alt-svc h3=":443"; ma=86400 last-modified Fri, 06 Oct 2023 19:49:21 GMT server cloudflare etag W/"652064c1-30c" vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XB%2Bj681fhsa6mtCHe5%2BzvDRfDaZHquv2QZ8jQLZDQuZMgjx7i117b3roGonXaE9m%2Br%2B5D2OzXRioeFalpzNHVtafKydB3cqGVYyHRzghfcFowjOC9rbx%2F23YVYEOLHly%2B0E%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8136a6aa5a013755-MXP expires Mon, 16 Oct 2023 05:12:42 GMT
GET H2	200	/ Show response potspack-ch.xyz/socket.io/	118 B 402 B	230ms 230ms	XHR text/plain	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/socket.io/?EIO=4&transport=polling&t=OiKRMxe Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6d8e5fdec28351fed2cf2e7191ed80f28e8fb14f93371094158ccf6405e6c1fc` Request headers Accept / Referer https://potspack-ch.xyz/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQkzRcraCamWEMCEda6eNG5ZASIOTGuYe8BaFacwDhjgCAGU7%2BgFkGrENjt6SwoFQmi%2BJRtWYpM3fCRM9ORs1qj66rS4IVKDiHZxmCpEgLEqRBKeHvJt2%2Bpm7ywMpILpMK4%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cf-ray 8136a6b82dda3755-MXP alt-svc h3=":443"; ma=86400
GET H2	200	XcRfQQJXAJcb3874cd.1696621742212.js Show response potspack-ch.xyz/assets/	584 KB 149 KB	140ms 140ms	Script application/javascript	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/assets/XcRfQQJXAJcb3874cd.1696621742212.js Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `70e7973b280916a5e26032bc93d4be4992806903146cc16a205d2f64e9934d00` Request headers Referer Origin https://potspack-ch.xyz accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:18 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5530 alt-svc h3=":443"; ma=86400 last-modified Fri, 06 Oct 2023 19:49:31 GMT server cloudflare etag W/"652064cb-920dd" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDji3pusc29SFr7vY%2BwHtyRnwoLLJ2Pb4oX9Er7kyuhJliVZTYelv%2BDG1eHt5qKuUuQlW7cpbv7%2BxtxpvB%2FPXuebNbJwEi%2Fzc%2FTQeMaDMXlPjeZUaNMVORClKZz2aFA4UyA%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8136a6b88e1a3755-MXP expires Mon, 16 Oct 2023 05:12:44 GMT
GET H2	200	QafjJJQn8Ad01173b1.1696621742212.css potspack-ch.xyz/assets/	13 KB 5 KB	108ms 107ms	Stylesheet text/css	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/assets/QafjJJQn8Ad01173b1.1696621742212.css Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d01173b14a46ebc0f8633d37da616d7d95f1dc3d59f32024d4f3d871e958051b` Request headers accept-language de-CH,de;q=0.9 Referer https://potspack-ch.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:18 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5530 alt-svc h3=":443"; ma=86400 last-modified Fri, 06 Oct 2023 19:49:22 GMT server cloudflare etag W/"652064c2-338f" vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kyPYfGlllffXyWpHDq7YiBaIHxvR%2FnnsxFvGrDpgA5BBRiBvcwC5npxttM3TQO4YMc2u%2FiQIWRnAiYnZzjKBtbGg%2FTODBL0ggjHFmSzL0MqzqT3w3vObEW1RTvKQjmrlYI%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8136a6b88e1b3755-MXP expires Mon, 16 Oct 2023 05:12:44 GMT
GET H2	200	XcRfQQJXAJ0a268db0.1696621742212.js Show response potspack-ch.xyz/assets/	9 KB 4 KB	104ms 103ms	Script application/javascript	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/assets/XcRfQQJXAJ0a268db0.1696621742212.js Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2770041fad143fbb30ac2c627933bd02404db1626ffcbe8aa90320dcd7591460` Request headers Referer Origin https://potspack-ch.xyz accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:18 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5530 alt-svc h3=":443"; ma=86400 last-modified Fri, 06 Oct 2023 19:49:23 GMT server cloudflare etag W/"652064c3-2291" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BNBi26fZC8i%2FZ1BOXsXZqXZXtMY7qjQ0buyrILlZE10p3GE6DliAZ9q661IVOWWlS8vXNv1XWM0RZDOlqR9bmgpR6TjGVvGeEDl8yAji8sqNU%2FATmbgWsR6%2Boaduaa5r9I%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8136a6b88e1c3755-MXP expires Mon, 16 Oct 2023 05:12:44 GMT
GET H2	200	XcRfQQJXAJc27b6911.1696621742212.js Show response potspack-ch.xyz/assets/	5 KB 2 KB	106ms 105ms	Script application/javascript	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/assets/XcRfQQJXAJc27b6911.1696621742212.js Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `43e9e74754c41f44c5f8c7e66839f1bf90f79930f6e0eec972b6a6725a6e9012` Request headers Referer Origin https://potspack-ch.xyz accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:18 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5515 alt-svc h3=":443"; ma=86400 last-modified Fri, 06 Oct 2023 19:49:27 GMT server cloudflare etag W/"652064c7-1276" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pp9FYUg1n01jwRjXJwV5QXk4Tid3s3XPkoCeWjjvFAQVS0d6r8Z5U8MuqtOKipM0FzFLE3C138gdrdqrklroIEWJY8Nx3GAFLvB%2B7oKNvNSMM8IMLbnhQwBA7Bec1HXnMrQ%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8136a6b88e1d3755-MXP expires Mon, 16 Oct 2023 05:12:44 GMT
GET H2	200	QafjJJQn8A90d68448.1696621742212.css potspack-ch.xyz/assets/	370 B 475 B	129ms 129ms	Stylesheet text/css	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/assets/QafjJJQn8A90d68448.1696621742212.css Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `90d6844806a5e2ee88f1f9fbcc2c844a6fcc57988cb46f4f1e5a81d58441bbee` Request headers accept-language de-CH,de;q=0.9 Referer https://potspack-ch.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:18 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5530 alt-svc h3=":443"; ma=86400 last-modified Fri, 06 Oct 2023 19:49:21 GMT server cloudflare etag W/"652064c1-172" vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iu2jLBPlxiELDdUbYZY3aBH3C5xezNTGuCCc6uL%2B2T8TmJh3e01tvafaruNjRSm59t7MXl58diujBeB1iQDPK%2Fw%2FyAI1OYWlyeY7%2BAjdxYxnD4D%2Bp94sDr4Mcclhz0Uwm1s%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8136a6b88e203755-MXP expires Mon, 16 Oct 2023 05:12:44 GMT
POST H2	200	/ Show response potspack-ch.xyz/socket.io/	2 B 284 B	465ms 465ms	XHR text/html	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/socket.io/?EIO=4&transport=polling&t=OiKRN0w&sid=DVqdMXfD47_lJ4AJAEq_ Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://potspack-ch.xyz/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Mon, 09 Oct 2023 12:33:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9ih4NPyf04JzvRbibXz0uZwrjzATdLCECaIpbJmR%2BWVL9DEKgbRnwW9QYvtEFhO2j7fd1KP3WruCk7ta%2FQ9Gmyz5NWnDH9tNu%2FGa0507%2FYg2L%2B9eWCO8FlQQXjeRocanBE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html access-control-allow-origin * cf-ray 8136a6ba1f6f3755-MXP alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response potspack-ch.xyz/socket.io/	41 B 310 B	464ms 464ms	XHR application/octet-stream	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/socket.io/?EIO=4&transport=polling&t=OiKRN0z&sid=DVqdMXfD47_lJ4AJAEq_ Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4fcb6a416db18d7b04f59500b088a2e0971307a3ed6ea80cec4da05f71cadf84` Request headers Accept / Referer https://potspack-ch.xyz/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJMPVBKEZRDG0F2lo3AptoYGJrB3A3mIQlMQqgUVhZznoEC1PZyBKIwUj8CkIGqc%2Bubig9bPwr9jMl1ns13pKSY63ENnS8xs5wcTgA7%2F2uh0gvuCVzI81%2FUYICDKLZCFtxQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cf-ray 8136a6ba7fc33755-MXP alt-svc h3=":443"; ma=86400 content-length 41
GET H2	200	/ Show response potspack-ch.xyz/socket.io/	162 B 394 B	220ms 220ms	XHR text/plain	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/socket.io/?EIO=4&transport=polling&t=OiKRN8G&sid=DVqdMXfD47_lJ4AJAEq_ Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `18b829aa87423f0a56d856e517d69382c2c54596c58012a16a0528f40c34ff7e` Request headers Accept / Referer https://potspack-ch.xyz/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzrEMgJCvH3SbCPajHFlcIaDdqvlVSk%2FTSJGvbCcw%2FzSL3dwko%2FuD%2BHElHXgVb8nSCZ3W5gUVxyWBHWXTtHXTvBQT7gAStG5At3kqipfEwHT0IbmgOVDzfHW02U0D61qRaw%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cf-ray 8136a6bd09f83755-MXP alt-svc h3=":443"; ma=86400
POST H2	200	/ Show response potspack-ch.xyz/socket.io/	2 B 291 B	185ms 184ms	XHR text/html	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/socket.io/?EIO=4&transport=polling&t=OiKRN8H&sid=DVqdMXfD47_lJ4AJAEq_ Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://potspack-ch.xyz/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Mon, 09 Oct 2023 12:33:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7jbZQZ9BC5zbpQZbtlMjeHhk0BHCfxQdRp86oDtlU8wWGlzCPJF2BO7mFwHASmLsmKc0SBP94JSZ5UbmwFkgMDqkcviJs143zrSb5iRVzU43rDTgsQGadKOssO2mXTqu3A%3D"}],"group":"cf-nel","max_age":604800} content-type text/html access-control-allow-origin * cf-ray 8136a6bd2a193755-MXP alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response potspack-ch.xyz/socket.io/	21 B 293 B	190ms 190ms	XHR text/plain	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/socket.io/?EIO=4&transport=polling&t=OiKRNBl&sid=DVqdMXfD47_lJ4AJAEq_ Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `42606cdd70b43d02b1c53e636902766ee36f22742d4f2db74fe60a251811b33f` Request headers Accept / Referer https://potspack-ch.xyz/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:19 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yta1t28OGREXMsof5Lb9pWChpV%2FaFmstYJj3cy80sZHI2si%2FHSOLg2E2LL9xaXnAk7aJFgfY5wNN7ej%2FK96oLq7%2BHfM9o5u6Na%2FYUdEx1iRUgIK7GLYgG07zyfOOMd%2Ft7Mg%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cf-ray 8136a6be7b393755-MXP alt-svc h3=":443"; ma=86400 content-length 21
POST H2	200	/ Show response potspack-ch.xyz/socket.io/	2 B 275 B	189ms 188ms	XHR text/html	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/socket.io/?EIO=4&transport=polling&t=OiKRNBl.0&sid=DVqdMXfD47_lJ4AJAEq_ Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://potspack-ch.xyz/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Mon, 09 Oct 2023 12:33:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eX8lBL1AcmsVf0PHr6gYGBvYNLrjGc6EHEmHXneC9NGrz653B%2FxSn7MNu30zcXJp37NKAjrwN%2BVCL%2BOkdE53NVtXpEN6BltJ6%2BRv8SOr8xcp%2BKSxZAct5g31mewG5BXEfI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html access-control-allow-origin * cf-ray 8136a6be8b5a3755-MXP alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response potspack-ch.xyz/socket.io/	76 B 329 B	161ms 161ms	XHR text/plain	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/socket.io/?EIO=4&transport=polling&t=OiKRNEk&sid=DVqdMXfD47_lJ4AJAEq_ Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e224d45665e64a7ea0e97b239d053e62a8ecc88c57e32c2063a0f88b4974b920` Request headers Accept / Referer https://potspack-ch.xyz/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y208%2Bohs003zn9ieV7V9KfRkyt%2F4CB9K6CCGQ2zBLW1U9WmcIwEP7WMdLtU7r304JME2Uh3Qa8gntT51UYg%2FuWhKyXmqBEQjvhovL9w7zpi6dEMAgx5Buhm1zgTmxg9kwS0%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cf-ray 8136a6bf9c493755-MXP alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response potspack-ch.xyz/socket.io/	1 B 303 B	234ms 234ms	XHR text/plain	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/socket.io/?EIO=4&transport=polling&t=OiKRNHI&sid=DVqdMXfD47_lJ4AJAEq_ Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683` Request headers Accept / Referer https://potspack-ch.xyz/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:19 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiErWMqms4P%2Bgo5ksSohcmKANGSVULzW1rcRcLMG4J3%2BuG9P14mJfrZ39ztOWeOhR9ktGRRrlzNphewhSrQhouK9e2waANjARjuGaTvf1LLMJAfLSagKdeTyqis6C3Os37M%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cf-ray 8136a6c0ad593755-MXP alt-svc h3=":443"; ma=86400 content-length 1
POST H2	200	/ Show response potspack-ch.xyz/socket.io/	2 B 276 B	192ms 191ms	XHR text/html	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/socket.io/?EIO=4&transport=polling&t=OiKRNHO&sid=DVqdMXfD47_lJ4AJAEq_ Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://potspack-ch.xyz/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Mon, 09 Oct 2023 12:33:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTW4xqsfHyM0362Z80nmKufyLXzBonPBZR5xY4oBuhU5nykW9KLMjXi5Yrz1AHa6w%2F%2Bf7MS%2BmifYWBUZzoVdcq9kqXzPv6TFDlP0p5C869TrsAfpJdZplT5b%2FwuYiqi02%2B4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html access-control-allow-origin * cf-ray 8136a6c0cd703755-MXP alt-svc h3=":443"; ma=86400
POST H2	201	save-data Show response potspack-ch.xyz/api/	744 B 1 KB	262ms 262ms	XHR application/json	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/api/save-data Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `2bd71002cd488c6752a7456475dba9173dd987d5b5165cf882a7d144c547914a` Request headers Content-Type application/json Accept application/json, text/plain, / Referer https://potspack-ch.xyz/ remark 0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 version 230803 Response headers date Mon, 09 Oct 2023 12:33:19 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"2e8-elHSsZStYC7+l/FHnWGHlL4GMHA" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNPMebGQDmk2MAHnXoLJnzr1nIOjrlqvsM8cN6odWCuX8OMMbVnB3QGXLFpsYMzZSofTFhLj3GvorMcX4GgtkVVaTpwuoDCpjIqzEOIPvdnBvW0kb9mT1eQnY2LLruljKcI%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 8136a6c0cd723755-MXP alt-svc h3=":443"; ma=86400 content-length 744
GET H2	200	get-app-settings Show response potspack-ch.xyz/api/	804 B 748 B	184ms 183ms	XHR application/json	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/api/get-app-settings Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `43a9e69a4bd2f3da5f66303d36faff90d1df8487442480fb8b5184d2ed0d2c6f` Request headers Accept application/json, text/plain, / Referer https://potspack-ch.xyz/ remark 0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 version 230803 Response headers date Mon, 09 Oct 2023 12:33:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"324-eWjKVwTecP+zW2Dvg1eVbXNV5jg" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7o6SAHvoPn4dALF225oPiywiCD3JufVN9K%2BXPeGGRVd%2BdqN%2Fhl8IMTyYgOilZ8O8wVLQCEF7hp33ZQDL4tF6RfaL2EaYu45ZKqetZW0RdNYqnreq0PlJgm7UMTAwLQjrGwI%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 8136a6c0cd733755-MXP alt-svc h3=":443"; ma=86400
GET H2	200	get-next-domain Show response potspack-ch.xyz/api/	0 289 B	173ms 173ms	XHR text/html	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/api/get-next-domain Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/plain, / darcula-data-id 2498 Referer https://potspack-ch.xyz/ remark 0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 version 230803 Response headers date Mon, 09 Oct 2023 12:33:23 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1WzHxzsnCHQRxYn8trwrHIwwQSQZAVBQcAR5XkN%2BIzT7szlTvuQm%2FsszxROjs%2BRu0NwrLo6PACB07IYYRGdljtWhzOiPL6Cs1IsKIvRSGuBj89CEJOtCYpNQiYHLrYhDk0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 8136a6d82b753755-MXP alt-svc h3=":443"; ma=86400
GET H2	200	can-active Show response potspack-ch.xyz/api/	112 B 397 B	171ms 171ms	XHR application/json	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/api/can-active Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `bdc1eccc470eddbaca39b01aae6a5d724e8643fce429f029995a146849eb95b5` Request headers Accept application/json, text/plain, / darcula-data-id 2498 Referer https://potspack-ch.xyz/ remark 0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:23 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"70-qMzL45SMUYKA2Q858TLzPrFjtjA" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfKTLxhgNvNg77Hy04IKGxFhtFUNPsUj39SdLzAnnE5FWDiXHgZJ3P6NPedJNtCkJUa56zB0O3K1htyBehgCrR%2Ff5yIWVxXac0w%2FyMPJT7Hd9cqc2OwRA%2F4BPHhbI0veLYY%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 8136a6d82b773755-MXP alt-svc h3=":443"; ma=86400
GET H2	200	get-settings Show response potspack-ch.xyz/api/	128 B 438 B	168ms 168ms	XHR application/json	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/api/get-settings Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `905ac3b61def647ff98dd38dcefaca4d50deae6ee05d86814de865f996ea04fc` Request headers Accept application/json, text/plain, / darcula-data-id 2498 Referer https://potspack-ch.xyz/ remark 0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 version 230803 Response headers date Mon, 09 Oct 2023 12:33:23 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"80-IOq/WvdaIjIxZYM/urXK5PttpbY" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMoKKDd5WnCbYWosyRYW89zQBnH18e3XLqE45%2FKA%2BaP3Q6Xa%2FN2mrJ9gFxRrBL09JLEOj8JnocZLGuUQrWenKZ69dnYuUx4%2FlRFziqvMH4oX8JO2MmkRHUqfN8Vh8hZehPk%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 8136a6d82b783755-MXP alt-svc h3=":443"; ma=86400
POST H2	201	save-data Show response potspack-ch.xyz/api/	732 B 1 KB	234ms 234ms	XHR application/json	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/api/save-data Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `8a512e718622a5a1c8d0c360c943ee185f2b9cb0f4afb78d0eac1a7c64ca21ce` Request headers remark 0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/json Accept application/json, text/plain, / darcula-data-id 2498 Referer https://potspack-ch.xyz/ version 230803 Response headers date Mon, 09 Oct 2023 12:33:23 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"2dc-HAkb0MtGD1JKZSNDx9IEO2z/iNI" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZxcn2wPPRwKXKwjc%2BL4Ovo%2FYzy8bB0GGmdzuPuG9q%2BoywVWSkOqZ0JOOrmH9gy5Ek%2F3H3%2BeDQXPdVuOEKoSLgXVrrs0ladCNDLvj9FpcxCL1MVl4nce9lPytYjG0dgStSs%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 8136a6d84b9c3755-MXP alt-svc h3=":443"; ma=86400 content-length 732
POST H2	201	logger Show response potspack-ch.xyz/api/	0 261 B	270ms 269ms	XHR text/plain	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/api/logger Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers remark 0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/json Accept application/json, text/plain, / darcula-data-id 2498 Referer https://potspack-ch.xyz/ version 230803 Response headers date Mon, 09 Oct 2023 12:33:23 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZlsqJJLVrwf2DgIQQHe%2Ff3cWP2MSTmHW7lgIVBD07hLEEpd7OqmyYiCoYXEj45nVjE1%2FiPpH34VF%2Fek0WT3J%2FqxDTCyOFtT6EuAm%2BPOULnSrL%2FFrki7gwP1I7ulMtbA12s%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 8136a6d96c6f3755-MXP alt-svc h3=":443"; ma=86400
GET H2	200	QafjJJQn8Adc645ddf.1696621742212.woff2 potspack-ch.xyz/assets/	29 KB 29 KB	63ms 63ms	Font font/woff2	104.21.32.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://potspack-ch.xyz/assets/QafjJJQn8Adc645ddf.1696621742212.woff2 Requested by Host: potspack-ch.xyz URL: https://potspack-ch.xyz/assets/QafjJJQn8Ad01173b1.1696621742212.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.32.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dc645ddffd4b66feb1f5be4d4c661a9ab2e9be2a26c4a08b376ab68d9025dcd9` Request headers Referer https://potspack-ch.xyz/assets/QafjJJQn8Ad01173b1.1696621742212.css Origin https://potspack-ch.xyz accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 09 Oct 2023 12:33:23 GMT cf-cache-status HIT last-modified Fri, 06 Oct 2023 19:49:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2682 etag "652064c1-730c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkzpctKY5kfRRughrSRvQVVnz3MLPWL9uvUhoWcrSuHvSWuU95ImsOLpiEHFzJY6t9VLPap8N8CNULLvGwYycpHTsi3Bw5YSabWUVIDug3CpKC8J9g83Nc2XnFiO0UaTcvQ%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 8136a6db3df93755-MXP alt-svc h3=":443"; ma=86400 content-length 29452

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swiss Post (Transportation)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| IMask boolean| __VUE__ boolean| __vite_is_modern_browser object| __darcula_config

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Message: Found declarative shadowroot attribute on a template, but declarative Shadow DOM has not been enabled by includeShadowRoots.
other	warning	URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Message: Found declarative shadowroot attribute on a template, but declarative Shadow DOM has not been enabled by includeShadowRoots.
other	warning	URL: https://potspack-ch.xyz/assets/XpDTGh7JNe22e38be6.1696621742212.js Message: Found declarative shadowroot attribute on a template, but declarative Shadow DOM has not been enabled by includeShadowRoots.
other	warning	URL: https://potspack-ch.xyz/assets/XcRfQQJXAJcb3874cd.1696621742212.js Message: Found declarative shadowroot attribute on a template, but declarative Shadow DOM has not been enabled by includeShadowRoots.
other	warning	URL: https://potspack-ch.xyz/assets/XcRfQQJXAJcb3874cd.1696621742212.js Message: Found declarative shadowroot attribute on a template, but declarative Shadow DOM has not been enabled by includeShadowRoots.
other	warning	URL: https://potspack-ch.xyz/assets/XcRfQQJXAJcb3874cd.1696621742212.js Message: Found declarative shadowroot attribute on a template, but declarative Shadow DOM has not been enabled by includeShadowRoots.
other	warning	URL: https://potspack-ch.xyz/assets/XcRfQQJXAJcb3874cd.1696621742212.js Message: Found declarative shadowroot attribute on a template, but declarative Shadow DOM has not been enabled by includeShadowRoots.
other	warning	URL: https://potspack-ch.xyz/assets/XcRfQQJXAJcb3874cd.1696621742212.js Message: Found declarative shadowroot attribute on a template, but declarative Shadow DOM has not been enabled by includeShadowRoots.
other	warning	URL: https://potspack-ch.xyz/assets/XcRfQQJXAJcb3874cd.1696621742212.js Message: Found declarative shadowroot attribute on a template, but declarative Shadow DOM has not been enabled by includeShadowRoots.
other	warning	URL: https://potspack-ch.xyz/assets/XcRfQQJXAJcb3874cd.1696621742212.js Message: Found declarative shadowroot attribute on a template, but declarative Shadow DOM has not been enabled by includeShadowRoots.
other	warning	URL: https://potspack-ch.xyz/assets/XcRfQQJXAJcb3874cd.1696621742212.js Message: Found declarative shadowroot attribute on a template, but declarative Shadow DOM has not been enabled by includeShadowRoots.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

potspack-ch.xyz
104.21.32.100
18b829aa87423f0a56d856e517d69382c2c54596c58012a16a0528f40c34ff7e
19470021856964e9f13369a82716060dcdbb1c2bc648d44c946fc34ea2b8cce2
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2770041fad143fbb30ac2c627933bd02404db1626ffcbe8aa90320dcd7591460
2bd71002cd488c6752a7456475dba9173dd987d5b5165cf882a7d144c547914a
42606cdd70b43d02b1c53e636902766ee36f22742d4f2db74fe60a251811b33f
43a9e69a4bd2f3da5f66303d36faff90d1df8487442480fb8b5184d2ed0d2c6f
43e9e74754c41f44c5f8c7e66839f1bf90f79930f6e0eec972b6a6725a6e9012
4fcb6a416db18d7b04f59500b088a2e0971307a3ed6ea80cec4da05f71cadf84
6d8e5fdec28351fed2cf2e7191ed80f28e8fb14f93371094158ccf6405e6c1fc
70e7973b280916a5e26032bc93d4be4992806903146cc16a205d2f64e9934d00
809e1f077a95f977f6061aa362127f81a63c28805eab6f9fcbfc2b452e0bf45d
8a512e718622a5a1c8d0c360c943ee185f2b9cb0f4afb78d0eac1a7c64ca21ce
905ac3b61def647ff98dd38dcefaca4d50deae6ee05d86814de865f996ea04fc
90d6844806a5e2ee88f1f9fbcc2c844a6fcc57988cb46f4f1e5a81d58441bbee
bdc1eccc470eddbaca39b01aae6a5d724e8643fce429f029995a146849eb95b5
d01173b14a46ebc0f8633d37da616d7d95f1dc3d59f32024d4f3d871e958051b
dc645ddffd4b66feb1f5be4d4c661a9ab2e9be2a26c4a08b376ab68d9025dcd9
e055d3f119a00ee47c6802612a3dd218ee5425dd73d40fd2f20df34be83c2a0b
e224d45665e64a7ea0e97b239d053e62a8ecc88c57e32c2063a0f88b4974b920
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

potspack-ch.xyz Open in urlscan Pro 104.21.32.100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2321 kBTransfer

7614 kBSize

0 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

11 Console Messages

Indicators

potspack-ch.xyz Open in urlscan Pro
104.21.32.100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2321 kB
Transfer

7614 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!