app.cst-assistant.com Open in urlscan Pro
2400:52e0:1e00::1080:1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.cst-assistant.com/
Submission: On June 08 via api (June 8th 2024, 5:40:31 am UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 44 HTTP transactions. The main IP is 2400:52e0:1e00::1080:1, located in Germany and belongs to CDN77 _, GB. The main domain is app.cst-assistant.com.
TLS certificate: Issued by R3 on May 27th 2024. Valid for: 3 months.

This is the only time app.cst-assistant.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
7	2400:52e0:1e0... 2400:52e0:1e00::1080:1	60068 (CDN77 _) (CDN77 _)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	104.16.185.241 104.16.185.241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.195.193 172.67.195.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:ad5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
44	9

7 2400:52e0:1e00::1080:1 (Germany)

ASN60068 (CDN77 _, GB)

app.cst-assistant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.185.241 (None, )

ASN13335 (CLOUDFLARENET, US)

icanhazip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

jsonplaceholder.typicode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.195.193 (United States)

ASN13335 (CLOUDFLARENET, US)

pokeapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad5 (United States)

ASN13335 (CLOUDFLARENET, US)

reqres.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cst-assistant.com app.cst-assistant.com	79 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	2 MB
1	reqres.in reqres.in — Cisco Umbrella Rank: 262124	595 B
1	pokeapi.co pokeapi.co — Cisco Umbrella Rank: 257551	763 B
1	typicode.com jsonplaceholder.typicode.com — Cisco Umbrella Rank: 158791	777 B
1	icanhazip.com icanhazip.com — Cisco Umbrella Rank: 8429	344 B
44	6

	Domain	Requested by
7	app.cst-assistant.com	app.cst-assistant.com
2	www.gstatic.com	app.cst-assistant.com www.gstatic.com
1	reqres.in	app.cst-assistant.com
1	pokeapi.co	app.cst-assistant.com
1	jsonplaceholder.typicode.com	app.cst-assistant.com
1	icanhazip.com	app.cst-assistant.com
1	fonts.gstatic.com	app.cst-assistant.com
44	7

This site contains no links.

Subject Issuer	Validity	Valid
app.cst-assistant.com R3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
icanhazip.com E1	`2024-05-05` - `2024-08-03`	3 months	crt.sh
typicode.com E1	`2024-04-24` - `2024-07-23`	3 months	crt.sh
pokeapi.co GTS CA 1P5	`2024-05-02` - `2024-07-31`	3 months	crt.sh
reqres.in E1	`2024-04-13` - `2024-07-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app.cst-assistant.com/
Frame ID: 9B14F1FDF9A19E427703DCCF0F6053F7
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CST Assistant

Detected technologies

Zip (Payment processors) Expand

Overall confidence: 100%
Detected patterns

zip\.co

Page Statistics

44
Requests

32 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

9
IPs

4
Countries

1653 kB
Transfer

13064 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
app.cst-assistant.com/ 5 KB
3 KB 156ms
40ms Document
text/html 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

037d1212c764314963534765c8043145aae891117a038ae062cc3a1f077b58c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 05/08/2024 14:15:01
cdn-edgestorageid: 1079
cdn-proxyver: 1.04
cdn-pullzone: 2104512
cdn-requestcountrycode: DE
cdn-requestid: aa3a4818b76995236b5656fb3e917f50
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
content-encoding: br
content-type: text/html
date: Sat, 08 Jun 2024 05:40:26 GMT
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
server: BunnyCDN-DE1-1080
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H2 200 styles.css
app.cst-assistant.com/ 2 KB
1 KB 106ms
106ms Stylesheet
text/css 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/styles.css

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

6149c0aae07c369267d9f88cd7e65488d06905972b1233c142b4bdbcb26544e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cdn-edgestorageid: 1079
cdn-cachedat: 06/07/2024 09:15:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: d81a7ec9bf861f01ed200760a1fd0b4f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 app.js Show response
app.cst-assistant.com/ 593 B
876 B 41ms
41ms Script
text/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/app.js

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

6570cefc0ea0d5160228079deb1dcddd5aa9a632b4d1c65a2ac33e1025ae09d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cdn-edgestorageid: 1079
cdn-cachedat: 06/07/2024 09:15:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 05e63b6ced5c9b05f858c1f1ffa1ed76
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 splash.js Show response
app.cst-assistant.com/ 770 B
859 B 96ms
96ms Script
text/javascript 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/splash.js

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

39e29804640031a2dbfcc28b68bc6b4f89f834ed82277f68eb86cc8c1739f9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cdn-edgestorageid: 1079
cdn-cachedat: 05/27/2024 14:15:02
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 29a72fbd95f7ee4aa732fd159c0e45f7
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 light-1x.gif
app.cst-assistant.com/splash/img/ 71 KB
71 KB 44ms
44ms Image
image/gif 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.cst-assistant.com/splash/img/light-1x.gif

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

204e0f72f2f7fe766360355c84fd83d4927c13efce24a96714aa8a1c1d724312

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1081
cdn-cachedat: 05/27/2024 14:15:02
cdn-pullzone: 2104512
content-length: 72226
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/gif
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: c8568832e1c6f202b69042cdbb66ba13
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 favicon.png
app.cst-assistant.com/ 1 KB
2 KB 40ms
40ms Other
image/png 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/favicon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

3e124a221de0a3503acd0a9facd95b50aa37691da87f92bee516b2121d955640

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1079
cdn-cachedat: 05/15/2024 09:07:22
cdn-pullzone: 2104512
content-length: 1513
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/png
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 6f6c95f5d1401e560751b073dc859f4b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main.dart.js Show response
app.cst-assistant.com/ 4 MB
0 1ms
1ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/main.dart.js

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

ed214b99962f5053c42143943d57e263f76fc9d9e67651dc495c0f331883b296

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:27 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1082
cdn-cachedat: 06/01/2024 18:56:10
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:43 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 1e8ade831853c549ac0d60acecf70f1a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 canvaskit.js Show response
www.gstatic.com/flutter-canvaskit/9064459a8b0dcd32877107f6002cc429a71659d1/chromium/ 92 KB
26 KB 135ms
36ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/flutter-canvaskit/9064459a8b0dcd32877107f6002cc429a71659d1/chromium/canvaskit.js

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee722314e8473c424e0fca10ac132a144be67abd90d69af22266610cf7706e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 14:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25876
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 01:37:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="flutter-team"
vary: Accept-Encoding
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jun 2025 14:41:54 GMT

GET
H2 200 FontManifest.json Show response
app.cst-assistant.com/assets/ 2 KB
0 1ms
1ms Fetch
application/json

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/FontManifest.json

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

286867a2ab0584785d308206242355ecc9826116e32a65d1070d0f608feadd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:27 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1080
cdn-cachedat: 06/07/2024 09:15:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:43 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: application/json
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 683980d79c9b1c85aa5d9a8c93b485a3
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 MaterialIcons-Regular.otf Show response
app.cst-assistant.com/assets/fonts/ 11 KB
0 47ms
47ms Fetch
font/otf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/fonts/MaterialIcons-Regular.otf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

1000ae77615c96d8f374e56f41c95ebd772d318e7263edb0a46aad9f580ceed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1081
cdn-cachedat: 05/27/2024 14:15:06
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/otf
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 5cf59cd118f50c7cc756bf52644306cd
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-Thin.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 158 KB
0 50ms
50ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-Thin.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

95875f9ef0d12d5cbdd64852933a578021c810cec247f7564207e046cf6c7289

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1081
cdn-cachedat: 05/27/2024 14:15:06
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 3a87b8fc13ab557be3ce823dc1dd0a01
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-ThinItalic.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 183 KB
0 60ms
60ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-ThinItalic.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

043226b0e187263ab54de3e971b663a77e52c3857cbb235c8410388db6d28de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1082
cdn-cachedat: 06/07/2024 09:15:35
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 677959fcd135447220f63a0b32b9fd0f
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-ExtraLight.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 158 KB
0 51ms
51ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-ExtraLight.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

60c4bb1b8f272f0ac4702b962cc46e58e885a65624479be1c0646c9e37d9ce62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1082
cdn-cachedat: 06/07/2024 09:15:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 29aa69ecd70a62dbfdd223d7404dea15
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-ExtraLightItalic.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 182 KB
0 69ms
69ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-ExtraLightItalic.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

05418f4d333f25ddaf359adaf39b2777e64dad0f83c3fa4502d193d0ad19a9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1079
cdn-cachedat: 06/07/2024 09:15:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 25b7fed7163f13c113a57ed8d5328532
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-Light.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 156 KB
0 70ms
70ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-Light.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

647f014d36822ef7e0413ffbb65598ae0cb57fb798e635c63912c93d94eb356a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1081
cdn-cachedat: 06/07/2024 09:15:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 49c66782e0afbcaff54b7c5ed19a324a
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-LightItalic.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 180 KB
0 57ms
57ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-LightItalic.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

6d00aa5531c8b8ba0934de7925985c6636c99fbc89b4c9f79629fb4a9067654f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1082
cdn-cachedat: 06/07/2024 09:15:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 1a2bce68c14bd6fc2e5c0b07a75a24ae
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-Regular.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 155 KB
0 61ms
61ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-Regular.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1079
cdn-cachedat: 05/27/2024 14:15:06
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 9668862aecf27cff7fc32e72b3683f7e
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-Italic.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 178 KB
0 131ms
131ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-Italic.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

3225cec6a018310497ea9ee116aa43b2a833464fed6156dceb9a3a4424bb8613

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1080
cdn-cachedat: 05/08/2024 14:29:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: REVALIDATED
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 95e75bf825a0598a2c547ea475b93350
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-Medium.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 153 KB
0 65ms
65ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-Medium.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

8d909883de81344e0fbcfef30e931872e92d9aeecdf85b6dcf6e0b28c078e98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1080
cdn-cachedat: 05/27/2024 14:15:06
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 96f8262de7dc3ca9cba14b234219a6b5
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-MediumItalic.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 176 KB
0 85ms
85ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-MediumItalic.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

449f6bd907fe29dbdfd5ef0990bdbb7fd800efa748a83f7b7529dcb94f79955b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1080
cdn-cachedat: 06/07/2024 09:15:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 6c5bb093936b39b0d6402fbea7c55be4
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-SemiBold.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 152 KB
0 85ms
85ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-SemiBold.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1080
cdn-cachedat: 05/27/2024 14:15:06
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 8b7902507264a1864d25e436637c934c
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-SemiBoldItalic.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 174 KB
0 92ms
92ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-SemiBoldItalic.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

74b31cbc29dc90c2d630e77673e7b6f714ff9bb01e5d424670bc61ca85b6093a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1081
cdn-cachedat: 05/27/2024 14:15:06
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 72556b3e402ff1f8e92b2978adda2f62
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-Bold.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 150 KB
0 90ms
90ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-Bold.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

7219547ee25334cbac0fe4b3acf0bf631e48ebb622c71af038edaaa652c60875

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1079
cdn-cachedat: 05/27/2024 14:15:06
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 39b1f0e0374ef789ee88b24c157e3107
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-BoldItalic.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 172 KB
0 107ms
107ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-BoldItalic.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

9d4d9f3c2c289eaec403660ec215bdc45e62b49f978807714bfc31ca7916c8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1081
cdn-cachedat: 05/27/2024 14:15:06
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: f338533aac4ecbbb6316173fc840208e
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-ExtraBold.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 149 KB
0 88ms
88ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-ExtraBold.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

94a215f88fbde9099cb3bd1431b8142aba26af36f8771effec56a94bc3aad1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1079
cdn-cachedat: 06/07/2024 09:15:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: ec5a72cfffa9f0c400b654dc803926fb
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-ExtraBoldItalic.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 170 KB
0 103ms
103ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-ExtraBoldItalic.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

bba986e116690660f70d3ebb18a74d8d2c8eafcda6c28c8ffc4306aa1e2b91e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1079
cdn-cachedat: 06/07/2024 09:15:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: a656068f0b3bb44ef885c09b8559b1f4
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-Black.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 148 KB
0 100ms
100ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-Black.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

291e4388a436cf0c0d532ce4735a4ca36bd2286912b051ea423d5c383be06cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1082
cdn-cachedat: 05/27/2024 14:15:06
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 5f90a87973098e28e895fb9f771f8b7d
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Poppins-BlackItalic.ttf Show response
app.cst-assistant.com/assets/assets/fonts/poppins/ 168 KB
0 105ms
105ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/fonts/poppins/Poppins-BlackItalic.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

a5e3e31e9dc6878269fdda8a968f8c0212beef9f7ef6028b6d1e02293316db7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1082
cdn-cachedat: 05/27/2024 14:15:06
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: c38d5e174c31e53244943251413a90d2
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fa-brands-400.ttf Show response
app.cst-assistant.com/assets/packages/font_awesome_flutter/lib/fonts/ 165 KB
0 96ms
96ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/packages/font_awesome_flutter/lib/fonts/fa-brands-400.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

e68cb27bed42fe434be64d0d6296d8dc5b81686a725fe31d4293509f8598636e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1082
cdn-cachedat: 05/15/2024 09:07:23
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 4268abf8845aa69ec03fdc99248ded02
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fa-regular-400.ttf Show response
app.cst-assistant.com/assets/packages/font_awesome_flutter/lib/fonts/ 48 KB
0 101ms
101ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/packages/font_awesome_flutter/lib/fonts/fa-regular-400.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

6b04ad8cd0e6be09eb285526cc0e4f66f84ae231d7eeffa4569f65b9fc3d511d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1081
cdn-cachedat: 05/27/2024 14:15:06
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 51824d0ddb2101fd4edcae487540a1a9
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fa-solid-900.ttf Show response
app.cst-assistant.com/assets/packages/font_awesome_flutter/lib/fonts/ 349 KB
0 121ms
121ms Fetch
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/packages/font_awesome_flutter/lib/fonts/fa-solid-900.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

2395721ec2a7ba59d9ea05e0567339ca73d280e8768fb3f7eceb6fd2c1824913

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1080
cdn-cachedat: 06/07/2024 09:15:34
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:46 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cdn-requestid: 51af9bd41d680e786f526c7dbf40375c
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf Show response
fonts.gstatic.com/s/roboto/v20/ 167 KB
90 KB 129ms
40ms Fetch
font/ttf 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 02:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91230
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 02:54:22 GMT

GET
H3 200 canvaskit.wasm Show response
www.gstatic.com/flutter-canvaskit/9064459a8b0dcd32877107f6002cc429a71659d1/chromium/ 5 MB
1 MB 89ms
40ms Fetch
application/wasm 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/flutter-canvaskit/9064459a8b0dcd32877107f6002cc429a71659d1/chromium/canvaskit.wasm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/flutter-canvaskit/9064459a8b0dcd32877107f6002cc429a71659d1/chromium/canvaskit.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

e1a534c2a6972de00e1be91b2c8797b2bc8381b8f9b9d891437e21546a67db36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 08:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1490411
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 01:37:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="flutter-team"
vary: Accept-Encoding
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type: application/wasm
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jun 2025 08:31:17 GMT

GET
H2 200 dotenv.production Show response
app.cst-assistant.com/assets/ 490 B
0 197ms
197ms Fetch
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/dotenv.production

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

62428eec5e1a61047cdaef199fe4a3411dd83dd0d34850a0cf230af5ab4230cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1079
cdn-cachedat: 06/07/2024 09:15:35
cdn-pullzone: 2104512
content-length: 490
last-modified: Wed, 24 Apr 2024 09:19:43 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
content-type: application/octet-stream
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 68cdf21ef8d61437468919e139137186
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 locales.json Show response
app.cst-assistant.com/assets/assets/ 95 B
0 43ms
43ms Fetch
application/json

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/locales.json

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

5e4d9a0e27318acc86cb38087ae340938faf9b1c6ccf922325de7e60dace2a75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1080
cdn-cachedat: 05/27/2024 14:15:09
cdn-pullzone: 2104512
content-length: 95
last-modified: Wed, 24 Apr 2024 09:19:43 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
content-type: application/json
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: ce55a3abbc72bc0673db679d8b46811c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

HEAD
H3 200 / Show response
icanhazip.com/ 0
344 B 107ms
46ms XHR
text/plain 104.16.185.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icanhazip.com/
Requested by: Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.185.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: *
cf-ray: 89068c20585a19af-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13

HEAD
H3 200 1 Show response
jsonplaceholder.typicode.com/posts/ 0
777 B 374ms
318ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsonplaceholder.typicode.com/posts/1

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:29 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding: br
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717825229&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=BEctdKetp0CsyV0t1OLHzK%2BE1TBxpMs3mI%2BcKTgBuqw%3D
pragma: no-cache
server: cloudflare
etag: W/"124-yiKdLzqO5gfBrJFrcdJ8Yq0LGnU"
x-ratelimit-remaining: 999
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717825229&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=BEctdKetp0CsyV0t1OLHzK%2BE1TBxpMs3mI%2BcKTgBuqw%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.cst-assistant.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-reset: 1717825267
x-ratelimit-limit: 1000
cache-control: max-age=43200
cf-ray: 89068c205ff7048f-FRA
priority: u=1,i
expires: -1

HEAD
H3 200 1 Show response
pokeapi.co/api/v2/pokemon/ 0
763 B 588ms
528ms XHR
application/json 172.67.195.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pokeapi.co/api/v2/pokemon/1

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.195.193 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31556926
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 6540
x-served-by: cache-mia-kmia1760034-MIA
server: cloudflare
x-timer: S1717751736.787834,VS0,VE0
etag: W/"3ba52-0eqwu9QJV2LgwDuB/BKw4elFJho"
vary: Accept-Encoding,cookie,need-authorization, x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxVxCzoY6VOyj9eq9%2BJaGLaoDAg29SRNpA0MFk9Vg1l7KZUzNNn%2FFYMn4OFX%2BsAIIbcUMId5RmXAiPNh6%2Fr2yb9IBF3LnLuXdz1eZo8QWwe24GQ1L7HV5MhLktD9"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 69d082da94222369360325f19e60387a
cache-control: public, max-age=86400, s-maxage=86400
function-execution-id: nxlw0n6grsux
accept-ranges: bytes
cf-ray: 89068c205c744d5b-FRA
priority: u=1,i
x-country-code: US
x-cache-hits: 33

HEAD
H2 200 1 Show response
reqres.in/api/users/ 0
595 B 200ms
107ms XHR
application/json 2606:4700:20::681a:ad5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://reqres.in/api/users/1
Requested by: Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
x-powered-by: Express
etag: W/"118-P3iKcVpIgCj9HqYeOOrGLX8qJVc"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717825228&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=uiSCRUz7IOrD7vgGM7kWAIeqFEuaKDTOvmlb3oGy9kc%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 89068c209b9665c8-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717825228&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=uiSCRUz7IOrD7vgGM7kWAIeqFEuaKDTOvmlb3oGy9kc%3D

GET
H2 200 version.json Show response
app.cst-assistant.com/ 110 B
544 B 41ms
41ms XHR
application/json 2400:52e0:1e00::1080:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/version.json?cachebuster=1717825228781

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

c3b82fc6b5fe8dbea2f5e11d2e703bb9a3f7b27f2332adde6156d1866265de7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1081
cdn-cachedat: 06/07/2024 09:15:35
cdn-pullzone: 2104512
content-length: 110
last-modified: Wed, 24 Apr 2024 09:19:43 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: application/json
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 912101f67852cc893d96cf52b1b472b0
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 en.svg Show response
app.cst-assistant.com/assets/assets/flags/ 535 B
0 42ms
42ms Fetch
image/svg+xml

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/flags/en.svg

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

51a8613ac1b05eafb9486e6420336bd8b95dae7a9d11def6318776a61c701a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1079
cdn-cachedat: 06/07/2024 09:15:35
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:43 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 17e1f8060067a0c9a633876e468ed9b9
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 da.svg Show response
app.cst-assistant.com/assets/assets/flags/ 236 B
0 42ms
42ms Fetch
image/svg+xml

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/flags/da.svg

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

d2847c0bd7a1fb97977ee51f2f618c5ebc5898dd66ef9804f187613c27bdca1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:28 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1079
cdn-cachedat: 06/07/2024 09:15:35
cdn-pullzone: 2104512
last-modified: Wed, 24 Apr 2024 09:19:43 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 1395aea45f4c5958f8a75ed2d2f2793b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 AssetManifest.bin Show response
app.cst-assistant.com/assets/ 4 KB
0 43ms
43ms Fetch
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/AssetManifest.bin

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

a873451ad124841663dab5c03cb769c1d907d863471059a3fc406c47fd3c6455

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1081
cdn-cachedat: 05/15/2024 09:07:24
cdn-pullzone: 2104512
content-length: 3688
last-modified: Wed, 24 Apr 2024 09:19:43 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
content-type: application/octet-stream
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 0f7c61a551f7a741f8ea7a731b37db44
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 intro_1.jpeg Show response
app.cst-assistant.com/assets/assets/images/ 146 KB
0 45ms
45ms Fetch
image/jpeg

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cst-assistant.com/assets/assets/images/intro_1.jpeg

Requested by

Host: app.cst-assistant.com
URL: https://app.cst-assistant.com/main.dart.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

2c5507dcee91e34ae294cf576eaf645ee3c4134a9cd77704c4fceea199b095b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.cst-assistant.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:40:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-edgestorageid: 1079
cdn-cachedat: 06/07/2024 09:15:35
cdn-pullzone: 2104512
content-length: 148999
last-modified: Wed, 24 Apr 2024 09:19:43 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: BunnyCDN-DE1-1080
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 8630eddb-10fd-423a-9ecf-8567a154cef7
cache-control: public, max-age=2592000
cdn-requestid: 654a01dd049888ad8de21c8884da622e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.cst-assistant.com
fonts.gstatic.com
icanhazip.com
jsonplaceholder.typicode.com
pokeapi.co
reqres.in
www.gstatic.com
104.16.185.241
142.250.185.67
172.67.195.193
188.114.96.3
2400:52e0:1e00::1080:1
2606:4700:20::681a:ad5
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2003
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
037d1212c764314963534765c8043145aae891117a038ae062cc3a1f077b58c8
043226b0e187263ab54de3e971b663a77e52c3857cbb235c8410388db6d28de8
05418f4d333f25ddaf359adaf39b2777e64dad0f83c3fa4502d193d0ad19a9b7
1000ae77615c96d8f374e56f41c95ebd772d318e7263edb0a46aad9f580ceed9
204e0f72f2f7fe766360355c84fd83d4927c13efce24a96714aa8a1c1d724312
2395721ec2a7ba59d9ea05e0567339ca73d280e8768fb3f7eceb6fd2c1824913
248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36
286867a2ab0584785d308206242355ecc9826116e32a65d1070d0f608feadd64
291e4388a436cf0c0d532ce4735a4ca36bd2286912b051ea423d5c383be06cd7
2c5507dcee91e34ae294cf576eaf645ee3c4134a9cd77704c4fceea199b095b4
3225cec6a018310497ea9ee116aa43b2a833464fed6156dceb9a3a4424bb8613
39e29804640031a2dbfcc28b68bc6b4f89f834ed82277f68eb86cc8c1739f9d4
3e124a221de0a3503acd0a9facd95b50aa37691da87f92bee516b2121d955640
449f6bd907fe29dbdfd5ef0990bdbb7fd800efa748a83f7b7529dcb94f79955b
51a8613ac1b05eafb9486e6420336bd8b95dae7a9d11def6318776a61c701a08
5e4d9a0e27318acc86cb38087ae340938faf9b1c6ccf922325de7e60dace2a75
60c4bb1b8f272f0ac4702b962cc46e58e885a65624479be1c0646c9e37d9ce62
6149c0aae07c369267d9f88cd7e65488d06905972b1233c142b4bdbcb26544e0
62428eec5e1a61047cdaef199fe4a3411dd83dd0d34850a0cf230af5ab4230cb
647f014d36822ef7e0413ffbb65598ae0cb57fb798e635c63912c93d94eb356a
6570cefc0ea0d5160228079deb1dcddd5aa9a632b4d1c65a2ac33e1025ae09d5
6b04ad8cd0e6be09eb285526cc0e4f66f84ae231d7eeffa4569f65b9fc3d511d
6d00aa5531c8b8ba0934de7925985c6636c99fbc89b4c9f79629fb4a9067654f
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a
7219547ee25334cbac0fe4b3acf0bf631e48ebb622c71af038edaaa652c60875
74b31cbc29dc90c2d630e77673e7b6f714ff9bb01e5d424670bc61ca85b6093a
8d909883de81344e0fbcfef30e931872e92d9aeecdf85b6dcf6e0b28c078e98e
94a215f88fbde9099cb3bd1431b8142aba26af36f8771effec56a94bc3aad1fd
95875f9ef0d12d5cbdd64852933a578021c810cec247f7564207e046cf6c7289
9d4d9f3c2c289eaec403660ec215bdc45e62b49f978807714bfc31ca7916c8fe
a5e3e31e9dc6878269fdda8a968f8c0212beef9f7ef6028b6d1e02293316db7d
a873451ad124841663dab5c03cb769c1d907d863471059a3fc406c47fd3c6455
bba986e116690660f70d3ebb18a74d8d2c8eafcda6c28c8ffc4306aa1e2b91e4
c3b82fc6b5fe8dbea2f5e11d2e703bb9a3f7b27f2332adde6156d1866265de7f
d2847c0bd7a1fb97977ee51f2f618c5ebc5898dd66ef9804f187613c27bdca1a
e1a534c2a6972de00e1be91b2c8797b2bc8381b8f9b9d891437e21546a67db36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68cb27bed42fe434be64d0d6296d8dc5b81686a725fe31d4293509f8598636e
ed214b99962f5053c42143943d57e263f76fc9d9e67651dc495c0f331883b296
ee722314e8473c424e0fca10ac132a144be67abd90d69af22266610cf7706e9a

app.cst-assistant.com Open in urlscan Pro 2400:52e0:1e00::1080:1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

32 %HTTPS

50 %IPv6

6 Domains

7 Subdomains

9 IPs

4 Countries

1653 kBTransfer

13064 kBSize

0 Cookies

0 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.cst-assistant.com Open in urlscan Pro
2400:52e0:1e00::1080:1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

32 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

9
IPs

4
Countries

1653 kB
Transfer

13064 kB
Size

0
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!