urlscan.io logo urlscan.io
SecurityTrails logo

ghbank-survey.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2c98  Public Scan

Go To Rescan Add Verdict Report
URL: https://ghbank-survey.pages.dev/
Submission: On April 22 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 9 HTTP transactions. The main IP is 2606:4700:310c::ac42:2c98, located in United States and belongs to CLOUDFLARENET, US. The main domain is ghbank-survey.pages.dev.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 22nd 2022. Valid for: a year.
This is the only time ghbank-survey.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:310... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 104.90.161.154 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
9 5
4    2606:4700:310c::ac42:2c98 (United States)

ASN13335 (CLOUDFLARENET, US)
ghbank-survey.pages.dev
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:223f:e200:4:e131:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.line-scdn.net
2    104.90.161.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-161-154.deploy.static.akamaitechnologies.com
api.line.me
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
4 pages.dev
ghbank-survey.pages.dev
387 KB
2 line.me
api.line.me — Cisco Umbrella Rank: 74753
1 KB
1 gstatic.com
fonts.gstatic.com
18 KB
1 line-scdn.net
static.line-scdn.net — Cisco Umbrella Rank: 40458
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
1 KB
9 5
Domain Requested by
4 ghbank-survey.pages.dev ghbank-survey.pages.dev
2 api.line.me ghbank-survey.pages.dev
1 fonts.gstatic.com fonts.googleapis.com
1 static.line-scdn.net ghbank-survey.pages.dev
1 fonts.googleapis.com ghbank-survey.pages.dev
9 5

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-22 -
2023-04-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.line-scdn.net
GlobalSign RSA OV SSL CA 2018		 2020-06-19 -
2022-08-17		 2 years crt.sh
api.line.me
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-10 -
2023-04-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ghbank-survey.pages.dev/
Frame ID: A5FE35313AAC16BC0903D97B2A07AC8D
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GH Bank

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

9
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

413 kB
Transfer

1398 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ghbank-survey.pages.dev/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ghbank-survey.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f4f8bdd354e6189bc57045f164d4ad6d346c809293aa9d0be10ca7d9df6150f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
6fffdb8b0f89912b-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 22 Apr 2022 16:50:17 GMT
etag
W/"4f19bcb7e41f1f30ec773caf6d6c8158"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTlCLzA7z9TwhezF18Xf7Ykg%2BOJEESz9VvORfViWxvANCMGs2OZE1HBxgpdSAnVT2I1Fp7mTUd0NqifZZA2GHKTbZyo078Q79jq6tUfhM14zoNFA8fmdU33Sd%2BdGtLOsGrH%2BklV3agyv0oZFZABF%2Fbo6uDZaIw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Prompt:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,600&display=swap
Requested by
Host: ghbank-survey.pages.dev
URL: https://ghbank-survey.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e9fe163273b434ddbc213c836a4be29ebd3fdf34a4df3b9a369162ff189d608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ghbank-survey.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 16:50:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Apr 2022 16:50:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Apr 2022 16:50:17 GMT
app.ee2b7b30.css
ghbank-survey.pages.dev/css/ 		135 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ghbank-survey.pages.dev/css/app.ee2b7b30.css
Requested by
Host: ghbank-survey.pages.dev
URL: https://ghbank-survey.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bfeee895891b6504abbeb946c9b078cfb92e9a4ee26a28914ba400646724e68
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ghbank-survey.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 16:50:17 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"995a490ea8863b476ce5d19c3f0e56db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NGzSiiBjYAV%2Bp%2FJtp5piXoOsyc%2FjlwFCRJtkzxM%2B49u8NRB6o5z%2FnH0prqYUVpDu3mnIt1i3a8Qblfh2DcpcbI13B5GniSSQ%2Fa7rBT%2BVx3KUWNjSlVuSGPytcHCuEYpcxHp61QERmD6kvmX0MjkQYsJoNbiIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
6fffdb8b68c5912b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
app.791d35f2.js
ghbank-survey.pages.dev/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ghbank-survey.pages.dev/js/app.791d35f2.js
Requested by
Host: ghbank-survey.pages.dev
URL: https://ghbank-survey.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152dbcbe6facbeb42d2c031d836732797cd957522fd3bd676008c26beece2c5a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ghbank-survey.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 16:50:17 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"f743f5f81688d06d236a60b86cc87b5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbiQp2RR4ojqO%2BFd%2B62AQQurm1PUb1W2%2BK8rvDzgGUvk344mHd3e5WxqJHO5bttkh1TOEs3qNqlSHhmZk6W1IYU%2FZDH7hlvDLtB9LJW18%2BKdUAhU1uwmLYBHoY4s2MgCjGzwePbcTeeISoKHFjq%2FK6WYqlMTeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
6fffdb8b68cb912b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
chunk-vendors.7f677c72.js
ghbank-survey.pages.dev/js/ 		1 MB
362 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ghbank-survey.pages.dev/js/chunk-vendors.7f677c72.js
Requested by
Host: ghbank-survey.pages.dev
URL: https://ghbank-survey.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e60839c3a2ea159d405955f266d605343468ba77af6afe9d5abbeb009ec1d62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ghbank-survey.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 16:50:17 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"0a63c42a760643b0803f9a20e5440132"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOcEkizGUtqtamrDpxpRs0uLp7dYAmQ4QBR0%2Bat31YxMmaTRyZoPR%2BdkASE2dYddcksoCVyw442MBdZeZjrSpphEYSe5K6h4PQH7xXDIw1ti5AUaoNIOhO3UB711QeyflXDM%2Fc%2FuyTBK9fHPGDH%2FuwNsam8rFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
6fffdb8b68d0912b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
non-ios-extensions.js
static.line-scdn.net/liff/edge/2/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.line-scdn.net/liff/edge/2/non-ios-extensions.js
Requested by
Host: ghbank-survey.pages.dev
URL: https://ghbank-survey.pages.dev/js/chunk-vendors.7f677c72.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:4:e131:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
VOS /
Resource Hash
bbb1ae53b9ca341f1e55fecc2eecc40b1bc33173a0e96249de302b3ad86bec09
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ghbank-survey.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id
BLPIGzY1AgYJ31bA0c3ieV12.BX5SYv
content-encoding
gzip
etag
W/"575158cc06f7103a5ebdcbc4fbb4f0b6"
age
30740
x-cache
Hit from cloudfront
x-rgw-object-type
Normal
strict-transport-security
max-age=15768000
last-modified
Mon, 18 Apr 2022 02:33:42 GMT
server
VOS
date
Fri, 22 Apr 2022 08:18:01 GMT
vary
Accept-Encoding,Origin
content-type
application/javascript
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
jl2Bil0qPPJibGZIDjLMLTWuh9S3N5hCKjbyt3yGmNfaXfnmQtKmjQ==
contextToken
api.line.me/liff/v2/apps/1655961475-9mLKlEe3/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.line.me/liff/v2/apps/1655961475-9mLKlEe3/contextToken
Requested by
Host: ghbank-survey.pages.dev
URL: https://ghbank-survey.pages.dev/js/chunk-vendors.7f677c72.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.161.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-161-154.deploy.static.akamaitechnologies.com
Software
Armeria/1.14.1 /
Resource Hash
91a162c0b9ed463a962fb7521f0e2168c91f751221afb0dbdeeb374a74f7cd56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://ghbank-survey.pages.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 22 Apr 2022 16:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Armeria/1.14.1
x-line-request-id
8dee006f05b2391c
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
vary
Accept-Encoding
content-length
1001
x-xss-protection
1; mode=block
expires
Fri, 22 Apr 2022 16:50:18 GMT
contextToken
api.line.me/liff/v2/apps/1655961475-9mLKlEe3/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.line.me/liff/v2/apps/1655961475-9mLKlEe3/contextToken
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.161.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-161-154.deploy.static.akamaitechnologies.com
Software
Armeria/1.14.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ghbank-survey.pages.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,POST,PUT,DELETE
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Fri, 22 Apr 2022 16:50:18 GMT
expires
Fri, 22 Apr 2022 16:50:18 GMT
pragma
no-cache
server
Armeria/1.14.1
-W__XJnvUD7dzB2KYNod.woff2
fonts.gstatic.com/s/prompt/v9/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/prompt/v9/-W__XJnvUD7dzB2KYNod.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prompt:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ghbank-survey.pages.dev
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 23:10:15 GMT
x-content-type-options
nosniff
age
150002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17640
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 23:10:15 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| webpackJsonp object| regeneratorRuntime function| _ object| liff object| webpackJsonpliffClientExtension object| liffClientExtension

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff