postsg.sbs Open in urlscan Pro
2606:4700:3036::ac43:bde2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/...
Effective URL:
https://postsg.sbs/de/
Submission: On July 29 via api (July 29th 2024, 10:30:20 pm UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Links 97 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3036::ac43:bde2, located in United States and belongs to CLOUDFLARENET, US. The main domain is postsg.sbs.
TLS certificate: Issued by WE1 on July 15th 2024. Valid for: 3 months.

This is the only time postsg.sbs was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 35	2606:4700:303... 2606:4700:3036::ac43:bde2		13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	1

35 2606:4700:3036::ac43:bde2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

postsg.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	postsg.sbs 1 redirects postsg.sbs	617 KB
34	1

	Domain	Requested by
35	postsg.sbs	1 redirects postsg.sbs
34	1

This site contains links to these domains. Also see Links.

Domain
www.dhl.de
www.dhl.com
www.dpdhl.de
www.deutschepost.de
www.facebook.com
www.instagram.com
onetrust.com

Subject Issuer	Validity	Valid
postsg.sbs WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://postsg.sbs/de/
Frame ID: 814C56819C0AB4E47622DE50A4104591
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de/... HTTP 307
https://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de/... HTTP 301
https://postsg.sbs/de/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

34
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

616 kB
Transfer

1462 kB
Size

0
Cookies

97 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dhl.de/de/privatkunden.html

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response postsg.sbs/de/ Redirect Chain http://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/de//de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//... https://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/de//de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/... https://postsg.sbs/de/	2 KB 1 KB	193ms 193ms	Document text/html	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a98d4c11d3a2e09c6131d66e63a7645d47d4145688917f7b1e4a9da9802c6c0c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=86400 cf-cache-status DYNAMIC cf-ray 8ab08d6358124d7c-FRA content-encoding br content-type text/html; charset=utf-8 date Mon, 29 Jul 2024 22:30:14 GMT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6oy1Rg9%2Ba8hedprxIbZ1xVuLjPEYFXXgOzqEzsVG5GlyooUhjPeXXYH6WLu5mRCfIkHd36vuY97DB6DRRR8vGhzZZ%2BiPwxtZdVdXxwOrgD9qWbjkZzQhYnUTJHMbHaXF3DJIDnhw5Wc"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8ab08d613e1c4d7c-FRA content-type text/html; charset=utf-8 date Mon, 29 Jul 2024 22:30:14 GMT location /de/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqQwDtvrZLkH10kHVywRALy7Fqj2aSY5LjwZo8ybknrJnPyploRTyML4JIJi0VE8lwMHKh96DY4RZ1Ak33%2BWX6JntQUYzq%2BzplyypgqVEasdz9aF4Z2gfAhMx0DTEFlt7ZM3KGrbr4ek"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept
GET H3	200	index-601fab58.js Show response postsg.sbs/de/assets/	492 KB 147 KB	40ms 39ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/index-601fab58.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ab6b565c32053403b1604087bb87fb827c9946200d319a4bbae9c27487e9b991` Request headers Referer https://postsg.sbs/de/ Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 82537 etag W/"7b1c0-18fc3464750" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivDoECK7b%2FYJnoIdH4wSBmaFj5N8jxfVJMNAMgrJHy7tcZe5uQVOFe7D9sVJcCJuUpC0Lgclk%2FiPaZZ2pzhjVD%2Fv2Cq9dX4Ht6ylJK2kUx1D3HkQiHuEgORPiWHbKIAWFzJSSstusRlj"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d64a9024d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	f6170fbbTb8FG.css postsg.sbs/de/assets/	952 B 892 B	36ms 36ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/f6170fbbTb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 898 etag W/"3b8-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJ13IYT1N%2FM%2FcAIN9UssSo690ok%2Fs%2BIWILvmKKHuPu3M2lGE4F1ov4HkLRFERozHhnq2ysSQ%2BY8FkHNwRfaV76QoUZ2YCP3xLQ9Cawzp%2BkIrkwTKlCEyZdsFZ0f4DL7pdYu%2BFyK2miMM"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d64a9034d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	7170d3c8AsrCt.js Show response postsg.sbs/de/assets/	5 KB 2 KB	38ms 37ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/7170d3c8AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f63a050bf60976d4618a0c8f25e373571a990f565f846a94c7651e0f72f073a1` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 82536 etag W/"1284-18fc3462fe0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Slf4E7IS7GIfAuxoTPBCipIWCfvRZ7pga10sF%2FHSAMaIpZ05mazLyIxQtAIQHQlzEUvf5fUQkHxFz5Trvwe0ju50CzlWmqLEtIuV%2B%2FWTtAqcrIVCz0M2rCI3rTPUAfenhu%2FV680totql"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d65d9dc4d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	14384689AsrCt.js Show response postsg.sbs/de/assets/	52 KB 17 KB	41ms 41ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/14384689AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f9654f33e28c829521ba7e4fa69585056d41fe8588a195e617c7816c4058d86f` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 82536 etag W/"cf7f-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wABGiqPq0quy2riCNtW2hNUKIm6ed%2BNGAh6SPVbAdyyHZtzA4yt7%2BOkWmgNt%2FmA6f7U1iBs8Izq6TsZHlBPntvRJ8FuBAvebniO8ZZgHf6Yu3K3gfwozPgWsFvppd%2BPHulPxAEzPoHz0"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d65d9de4d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico postsg.sbs/	1 KB 2 KB	45ms 45ms	Other image/vnd.microsoft.icon	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `97d10bb1dd52bf50f217b414913db126771d4d2cb96439054891d0b0e08667ac` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 69920 etag W/"46a-18fc34610a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yI3gSxSx4ZsGuwBXtoHKsEzEZT7AItzQKSFVZ4lPuCm0WmcrhkwJpkumwfORjpOSej%2FQSNzjY1DLAj45ODiDmdtaygGnM74c1hXevfvHzrXHP8ck9dkt2gLYG9cw2ywehGLtFD%2FVEuwG"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d65e9e84d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	5d2f83d5AsrCt.js Show response postsg.sbs/de/assets/	34 KB 11 KB	38ms 38ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/5d2f83d5AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `03323c063d2da055f367702462c8f63d42512f3971152b377f20bca5f1d645e4` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 82535 etag W/"88e7-18fc3462fe0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R8OukOb4MR1NZ4RKTv3557KtWeM5qZ3ysIDN2HMFDNNMiNUW9xmgTUPOdyyAJ%2FvlJpyT5PFzzObI6fhCylqD1OrFEpnE8kwu804A5OTD2%2FoeSWBq6I1yfz9zqfOQDxBWQnYznGoi9NOR"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d662a1b4d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	09bf01f8AsrCt.js Show response postsg.sbs/de/assets/	2 KB 1 KB	40ms 39ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/09bf01f8AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `669f632a81707744e6e7b6c1fdd5ee87ded7931ceca5442a4e87bc7019f4d6e8` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 82535 etag W/"833-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUI%2F%2BLjfF7IpNQS3y038Fcm8pIg1FL5yeWSrxZyNKSJ2TBOIrtu6%2Bb6zrBIW123Wzv6ZZ4cLS8rX8Tlt3hrwh1QfqHV5eqWpZ6GeUq3Z%2FEy8y3mVQSkI2Ed31qegqpV%2FjGg46G9sL%2BNR"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d662a1c4d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	aafc41ccAsrCt.js Show response postsg.sbs/de/assets/	3 KB 1 KB	39ms 38ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/aafc41ccAsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `304c944d0423ccd9a83c5195b9d4bb758e0c95a7b10524e6ea7c49f176a11ba1` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 82535 etag W/"a84-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6vAeCExUtFtVhlDF8RouzegodoRNrt7njQBXrj8c1knU1rIAcbNlaps5SGfVCLhQDCT4g5lS2mBEnDRyP0hrxZXRSeP5wbXYXJpe430Kt2OjEBDmHpiBYsw9ERblkE73xxUwn4UFt5NL"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d662a1d4d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	83ec9905AsrCt.js Show response postsg.sbs/de/assets/	206 KB 43 KB	44ms 42ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/83ec9905AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e6555597cd5a17e1f31e5bedb48e1c761907529fffa3c15330a3dab9e6ee83ee` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 82535 etag W/"336fa-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMLQjY7KcGpD%2FYeEvtzvOU5dZZj7h3oZv%2BjgSL4ujP16WzW3A%2F1F3v%2B25ZEaP3kVrF2hrNb%2BsHs%2FF5IjJgHnfAgRZgAr3QMCsR7JfX9PTvFgo5uBBXKKNma8h54wkcUnlqRlEB0d8SwZ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d662a1f4d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	c27b6911AsrCt.js Show response postsg.sbs/de/assets/	2 KB 1 KB	40ms 38ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/c27b6911AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `890f397c758cf1749ed778c5d69d5d3913eda99bb71ae2b2fb4ebe76821c7f01` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 82535 etag W/"733-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X22MntICzouvNkOfxDwR3BZ6hXHI4e9FtkWTn0dPnuDqCbO1czGmUtewrZCyax987gqozTercInafbZyzn%2FLGJ0hZC48FqQZYGJTpsvjG8PH9u6uvEHdSX3SYrbzFKx4rTmd5Gu9migB"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d662a204d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	d5bb296dTb8FG.css postsg.sbs/de/assets/	136 KB 20 KB	46ms 43ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/d5bb296dTb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5bb296d446864985bd8a8274cca8de41192a7248eb0088f678bd5bacd96d00f` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 897 etag W/"21ecc-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTdbdsS2j8q7ZTbudwGh7RdyB%2FQQlTniZ7%2FIWvH63Gy49kRzdSDlJ%2BiIaOaYYOyZN%2BtO55vV88hIuf7071xRHaeBn5U47RAZjxKwX4KN%2BsRchY7ceXBcZ8nQRN1ypAwO93jUWJ3MUAhC"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d662a224d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	aac13bf3AsrCt.js Show response postsg.sbs/de/assets/	6 KB 3 KB	43ms 40ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/aac13bf3AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0d7059a8c703a40459d32247ce300adfee1d12116801b4e8bf0ae16085a7a751` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 82535 etag W/"1898-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2sgUQakvaG8Rp4bKJUPK3XdI%2FzneGSBjbKl845ULsYK0TEUWDeJclK1R4yYtOwhWCx066B4n70HhSonRWuu4dsS%2BZkptYR5eEvH3JcCPOBEQN%2FekLhP9MXFpEYNt6mv%2FaSn1vgWwSnS"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d663a244d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	4cd1ec68Tb8FG.css postsg.sbs/de/assets/	323 B 642 B	42ms 40ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/4cd1ec68Tb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 897 etag W/"143-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KnNDNGYoP9lAO1DKkVUgbFP86r9sAUnPnRIoQQcXYVoyD4BaizqObTkaDKsN917vSqfYxlfmTT84BGfxC%2FzyzHHyjgdttlNpe%2BMkRKX9YzUcvuVkIAH6awHub9aiwLCcxgenoxY8c3gM"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d663a254d7c-FRA alt-svc h3=":443"; ma=86400
POST H3	200	MC42MDQwNDU3MzI0Njg0MjM= Show response postsg.sbs/api/	1 KB 1 KB	195ms 194ms	XHR application/json	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/api/MC42MDQwNDU3MzI0Njg0MjM= Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `591fd084f6b377046779dd0aea52e345aa2d8ede94efcff8ca9110ba7bd2ec5d` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/encrypt Response headers date Mon, 29 Jul 2024 22:30:14 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"490-WP72OztMrofe9+W0RE5zBXfa2+4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZrFD6qyooLny%2FiXxKR1n6e1QTziQQr637k%2FLyg%2FgOOXcalvnpvgoT5yvuDoAq2wc9eIOkWu3zPivYwDLS745%2FcHSp6MGJp%2B44y9x1PqbgiTkk51aoyAtqXc4pOL5S187%2Bf%2FgAepdX%2BiD"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 8ab08d669a734d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	375c4ed8AsrCt.js Show response postsg.sbs/de/assets/	110 KB 33 KB	51ms 51ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/375c4ed8AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e966dddeca28d04633f8580074bcc3ebdabd051ce64f6710c33795c1218e40f0` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:15 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 67056 etag W/"1b952-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUU7en8BmoXIOKxxm6TE%2B3LoQYdMgpVGgla4%2FNVfNs10OpkqQJ4iueVzawHLbH4biL62%2BS31tSr%2FKTO02zJhyABv2uSl6iiTVeIObJabuSto4Fh3zesuXJCIHNK7%2FTLQR%2F758PKUfDan"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d67dbaf4d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response postsg.sbs/socket.io/	118 B 516 B	210ms 209ms	XHR text/plain	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/socket.io/?EIO=4&transport=polling&t=P40dPqT Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/375c4ed8AsrCt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3a0aedbfd8f2765dac297d1528c7e37e0e93141bf740e3abc5dd1ac5a8b194e5` Request headers Accept / Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:15 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWIzgfkgHmo007lrfjxAiFsh1s%2FpE81onXS4zP1dLZlX8mY8D2MakSlRPxleWXKRNAx5kZrrJi3jcq5q%2Bcym%2BU9l8mTMj4I44fULO3HKz38aZWWEqBDhBtGVIJBUd9CWxSAYtzgeRq7r"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control no-store cf-ray 8ab08d683c094d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	b797873fAsrCt.js Show response postsg.sbs/de/assets/	114 KB 36 KB	46ms 45ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/b797873fAsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `da5926ca7534438b698128e2ea8ec1f313f91f0f2697e007f004c6d146f822aa` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:15 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 898 etag W/"1c9ab-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o5UUL%2Fk572%2FQl3GDYPsEdG1Q7QwddaAXn4ZHziDV7s3sTxQSU8eU66kZFljuYv%2FuP7aAEtCaGXi8uNvCz1lEmgRVlF1E2i8a7QjSLOVbROyzGGekuZYLZaja87K3aeXQL41TaLMHaBzr"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d684c0e4d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	f4397cedTb8FG.css postsg.sbs/de/assets/	400 B 704 B	42ms 42ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/f4397cedTb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:15 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 898 etag W/"190-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AK%2F7k6lJkvY%2Bo%2FdRX6csK8Ar1WcNHcOTFWpMoGNB8Rh90H6btnJX91jatcePuTzBCwNoJQb%2FERFInZn5mWdfNDvJR2KFq%2FDkMZuNH9fXcukC9I%2FyDcBlyKMN9jp0oJnRMWtYyzqShxt8"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d684c104d7c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	39.svg postsg.sbs/de/layout/images/	904 B 812 B	42ms 42ms	Image image/svg+xml	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://postsg.sbs/de/layout/images/39.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a6b35b6b7cabb9d33c2e1d6afef2d5f546a2fd3912f5f3e96495cd64218b9251` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:30:15 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 898 etag W/"388-18fc34610a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIW%2BfsBuPJSoYFkRHWll%2B34raj8R2qja24q%2Fej7%2F2o7I%2BGkezbCYEdfC5LRWJ%2BQuAqjSFn5ZCrRbUO6Edgnqtye6lOE4F4JwcI5m4mC1BhZ2Nuqn5TftjnwVuCKmYj6XQLrfq75wSDa2"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab08d68dcc64d7c-FRA alt-svc h3=":443"; ma=86400

postsg.sbs Open in urlscan Pro 2606:4700:3036::ac43:bde2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

616 kBTransfer

1462 kBSize

0 Cookies

97 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

postsg.sbs Open in urlscan Pro
2606:4700:3036::ac43:bde2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

616 kB
Transfer

1462 kB
Size

0
Cookies

34 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!