postsg.sbs Open in urlscan Pro
2606:4700:3036::ac43:bde2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/...
Effective URL:
https://postsg.sbs/de/
Submission: On July 29 via api (July 29th 2024, 10:19:42 pm UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Links 97 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3036::ac43:bde2, located in United States and belongs to CLOUDFLARENET, US. The main domain is postsg.sbs.
TLS certificate: Issued by WE1 on July 15th 2024. Valid for: 3 months.

This is the only time postsg.sbs was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 35	2606:4700:303... 2606:4700:3036::ac43:bde2		13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	1

35 2606:4700:3036::ac43:bde2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

postsg.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	postsg.sbs 1 redirects postsg.sbs	617 KB
34	1

	Domain	Requested by
35	postsg.sbs	1 redirects postsg.sbs
34	1

This site contains links to these domains. Also see Links.

Domain
www.dhl.de
www.dhl.com
www.dpdhl.de
www.deutschepost.de
www.facebook.com
www.instagram.com
onetrust.com

Subject Issuer	Validity	Valid
postsg.sbs WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://postsg.sbs/de/
Frame ID: F95F07B455DA3BA8DD99A12F316F7D83
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de/... HTTP 307
https://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de/... HTTP 301
https://postsg.sbs/de/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

34
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

616 kB
Transfer

1462 kB
Size

0
Cookies

97 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dhl.de/de/privatkunden.html

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response postsg.sbs/de/ Redirect Chain http://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/de//de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//... https://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/de//de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/... https://postsg.sbs/de/	2 KB 1 KB	169ms 168ms	Document text/html	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a98d4c11d3a2e09c6131d66e63a7645d47d4145688917f7b1e4a9da9802c6c0c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=86400 cf-cache-status DYNAMIC cf-ray 8ab07dcbcf6e1da4-FRA content-encoding br content-type text/html; charset=utf-8 date Mon, 29 Jul 2024 22:19:35 GMT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DDYiwkKJ6qGp8OMlNXyvtRrFc4JGrO67sSuOA%2FA2FaxrtaCCI%2BzkQtglgXI%2FwFnf9nY8dF1wM28A1xo9kiKNE5qZk9FhINNUkRfGXshtrCug%2B%2FcisBwVN%2BBuaKsEhen6G%2FPeZAgPFZ95"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8ab07dc9dd9c1da4-FRA content-type text/html; charset=utf-8 date Mon, 29 Jul 2024 22:19:35 GMT location /de/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VHHuG3V9wQYmPUU7%2B1wGjhGkB4ngj8P0nXmE3pCAlF%2Bp%2FXOtWY4YPKDETFBUBAxOAzyUXCp4Quz8MUaNXsTbrJWOqHgIeKBJKz0S32qTuz2Pi1jj5Apy8eQdX8SeXpFyiOLLEnLpzq%2FP"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept
GET H3	200	index-601fab58.js Show response postsg.sbs/de/assets/	492 KB 147 KB	21ms 20ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/index-601fab58.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ab6b565c32053403b1604087bb87fb827c9946200d319a4bbae9c27487e9b991` Request headers Referer https://postsg.sbs/de/ Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:35 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 78177 etag W/"7b1c0-18fc3464750" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a5iybSBGIhVShob7XuDdcq4rDDDWjmULtDQYu9XQ0f%2F6JqeF4rHxtR5fxWe4Nd8FM20UY3UFM5nTTUngHiEQF6FwzwpoTdn%2BSoGRlc19L%2B4qaMuZr7oQ%2B7XE%2B%2BPgoNPg%2BdKVljS7Mr5A"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dcd28791da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	f6170fbbTb8FG.css postsg.sbs/de/assets/	952 B 891 B	46ms 46ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/f6170fbbTb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:35 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 440 etag W/"3b8-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WSSDir0Em%2BK%2FBBa%2B7Jb3Q2cAbftbWxDhV4ewOzQTrsUbGR%2BkNoFZm2dcj4UfLwDBNmtfHLbuE1rywHN0PCS2I6ZQ7SAiVXBZkrrT%2F9lvB971VoTq9WWVwuF0bS%2FkxTuyjhjUzjdMvnXI"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dcd287b1da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	7170d3c8AsrCt.js Show response postsg.sbs/de/assets/	5 KB 2 KB	20ms 20ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/7170d3c8AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f63a050bf60976d4618a0c8f25e373571a990f565f846a94c7651e0f72f073a1` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:35 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 78176 etag W/"1284-18fc3462fe0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fq7FuFubLZwZz3nHl0xswCkt0jRt8mz1UfFHMv6wLhbWcBBitx5gmjSssz1mLfuLXxCQpeQ14mkjhF903YiVFi8nQdmL6CmPN9DD9d%2BQom2tkHnnOwv2Vvu8vrnd0NerRsRmZLmdEwb%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dcdc91b1da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	14384689AsrCt.js Show response postsg.sbs/de/assets/	52 KB 17 KB	20ms 20ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/14384689AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f9654f33e28c829521ba7e4fa69585056d41fe8588a195e617c7816c4058d86f` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:35 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 78176 etag W/"cf7f-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4%2Fx844oVLxfNPanVuK7flrguw7RWZmzyVjIsczksZ7u5BuizKJqb4vDsqKXwPUPYJfNSYI0FKMWzjZZueM2fc0p4vu0Y4WsW%2BldO6cvPuNGDuM34fFLdJiDYDGWGDZ897FnqBB8c6q9"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dcdc91f1da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico postsg.sbs/	1 KB 2 KB	23ms 23ms	Other image/vnd.microsoft.icon	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `97d10bb1dd52bf50f217b414913db126771d4d2cb96439054891d0b0e08667ac` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 69279 etag W/"46a-18fc34610a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2r5HjRnNpqFJ9ZhxHMBPob6UqIVfYMpoSsF8yuYEXI0RCBbH7MR88uauY1MOTlizmLaTTpuiw4Al56iIyCP2GuPUreIOSkjXh6PezhiRlW9zul7vp23BeDk5InT9CubxsKk9MEaM%2F4ft"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dce599b1da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	5d2f83d5AsrCt.js Show response postsg.sbs/de/assets/	34 KB 11 KB	23ms 23ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/5d2f83d5AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `03323c063d2da055f367702462c8f63d42512f3971152b377f20bca5f1d645e4` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 78176 etag W/"88e7-18fc3462fe0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HgJFhQDa5H57aad6u4ccFtdbtBphuGHJluFLU8AmalugpCFMipQTpKYdO%2BBtkhvgyuQEv%2Fq8Wx1ZD60u83kermMIENhh1vcdet4yMeWM3WtGUt1v2gATPsPromYXDCNeXBqaMdcurhJd"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dce79b71da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	09bf01f8AsrCt.js Show response postsg.sbs/de/assets/	2 KB 1 KB	31ms 31ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/09bf01f8AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `669f632a81707744e6e7b6c1fdd5ee87ded7931ceca5442a4e87bc7019f4d6e8` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 78176 etag W/"833-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VGc8add8DTXg7OApCLip5eNKlX5feeQpByc%2FTLrwWPYe%2FL4X%2FDcL1PjgoJ3EaShHi%2BMK3zHmzseMcPdmU98iPW%2FvenFW6sK1jYibV88bqTU5Rj0hezzM1qAQsCotJWV5P4BJ4TsXvZy9"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dce79ba1da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	aafc41ccAsrCt.js Show response postsg.sbs/de/assets/	3 KB 1 KB	30ms 30ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/aafc41ccAsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `304c944d0423ccd9a83c5195b9d4bb758e0c95a7b10524e6ea7c49f176a11ba1` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 78176 etag W/"a84-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGMW%2FQGrhghnPm9ztZ3KX2p1abej92LzUwfY59vpc1ny6TpB9B6D5avFJkRr39qYvuEJT5bAW5faScvCzAQdy4YDJRUWvzAjNOtcry%2BZvFlSyVPC23GN7i3w2dTyaKdxDZjBqFFoAgqA"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dce79bb1da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	83ec9905AsrCt.js Show response postsg.sbs/de/assets/	206 KB 43 KB	24ms 24ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/83ec9905AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e6555597cd5a17e1f31e5bedb48e1c761907529fffa3c15330a3dab9e6ee83ee` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 78176 etag W/"336fa-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2F9Z9tv0IPxiNa3HCCTaONiuNXuvFBRRZs5rZoDJZLoNcj5kGtsfevttD4mJNJE3%2BWlmZMn2gQQD9UItcYvTWwm1uOPK%2FQS%2BIm2pOcxjgLi9uirrBvIq1hNQeUc1w978FbAXbDfCUXn5"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dce79bf1da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	c27b6911AsrCt.js Show response postsg.sbs/de/assets/	2 KB 1 KB	30ms 30ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/c27b6911AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `890f397c758cf1749ed778c5d69d5d3913eda99bb71ae2b2fb4ebe76821c7f01` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 78176 etag W/"733-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTzy6MF%2FbdTQNwU0wVmJAZUfaXeFlbhPbzpdWnBew0myNWkoFqS4OT%2F4oFbJX2Sp4pkNja0etwfJWluv9ZY5FtrwuVqoVXGsAmVy3e7rLEkRuFjf6NU%2FXCtcnea6VoIKPVvZ9NplTeii"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dce79c11da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	d5bb296dTb8FG.css postsg.sbs/de/assets/	136 KB 20 KB	30ms 30ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/d5bb296dTb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5bb296d446864985bd8a8274cca8de41192a7248eb0088f678bd5bacd96d00f` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 441 etag W/"21ecc-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FyH5O7g7TAfuOo6HVyR0%2BvnOiXuKQ8vToWtvzOdOhCH2InxLgxU%2B%2FHA3a%2B0CJmMPG0K76uzKwjwr2jlJ87VtUxK%2BZ2%2FblW9m0R6Zdq6TrpUOwmLo%2BJJPBsmsUixIw%2Fyus1esnNrPMkT"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dce79c31da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	aac13bf3AsrCt.js Show response postsg.sbs/de/assets/	6 KB 3 KB	28ms 28ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/aac13bf3AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0d7059a8c703a40459d32247ce300adfee1d12116801b4e8bf0ae16085a7a751` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 78176 etag W/"1898-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKzVxn%2FxWJpIz077MLHYtp9DccpLK7GUMKkyDeCwfRewZH2POmM3nwys6W4bbKfyEA2Ju9w8nGYnYYktn95hqmwwFbZKvglyKxjybmfmmQAPu0Pj%2BXphA%2Blxd2Po9smt1%2F%2FRPWagq0QZ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dce79c71da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	4cd1ec68Tb8FG.css postsg.sbs/de/assets/	323 B 644 B	29ms 29ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/4cd1ec68Tb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 441 etag W/"143-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5DL%2FihldIIkl4KeFvpV1HudiDcOeRczdu49G%2BgJjfghrs%2B4TjSNqEBBg6xMRL2dZR1zuXa0YKvk2EGoU6zYzLEkdNrpiUd986WhELOcBppJwZ683TSKhuhZKAbGMbcYRhUszbN700u%2FA"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dce79c91da4-FRA alt-svc h3=":443"; ma=86400
POST H3	200	MC4zNzQ1Mzg4ODAxNDYwMTM5 Show response postsg.sbs/api/	1 KB 1 KB	173ms 171ms	XHR application/json	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/api/MC4zNzQ1Mzg4ODAxNDYwMTM5 Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `24e14030c9d4a17f7432a7650f530428a781de53f6ea30f4102cdf35ffb23c04` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/encrypt Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"490-RQ77aYpOQFVNcnZp5S5y3YS0YNA" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2FfwOc81u%2B0DPKSzfoMTrSWFWPLhPqoddM5Mx2q6wHVQCVtmc9S2KaXkkf3DpwnE70kVny639Pk3Yha1iCioYYVOcsCaGGJivHMvB2zaxFH3v3kzkpQC%2BMDtZu%2BTJwiW5Po%2BQ9G7qBh%2F"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 8ab07dceda251da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	375c4ed8AsrCt.js Show response postsg.sbs/de/assets/	110 KB 33 KB	17ms 17ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/375c4ed8AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e966dddeca28d04633f8580074bcc3ebdabd051ce64f6710c33795c1218e40f0` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11764 etag W/"1b952-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGIogIFrZQA926tkPCF8NfMEO9Ugnxo%2F3EGGjECCXfV3c%2BW4ZE5Wzumkope3KUT59mSj8nb5nblMtUOdNxttJpvJgj%2BiaDyYBkLkzDdxNu2oayo%2Fea9sjoV2bmYRmEAL1itBk8lvqUcd"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dcffb391da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response postsg.sbs/socket.io/	118 B 514 B	163ms 163ms	XHR text/plain	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/socket.io/?EIO=4&transport=polling&t=P40azuW Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/375c4ed8AsrCt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5c29aa48b93d5578a63462ebd9b1212ab783251da5c479115e92ac9146171fdc` Request headers Accept / Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewfZ4kEUj8jIyEkkjNQ%2BLJ0piqD6ovXLFbVfyrChJNJ1JcmEKkJ00H5owVn8iat6UYg8Z05a0%2BgSh0JzOMi5wwC4AmajWEVgJeEsJbLWu65J4Mh3qGfpKE0%2BxLOormuplV1%2B5PQwgO1t"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control no-store cf-ray 8ab07dd03b731da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	b797873fAsrCt.js Show response postsg.sbs/de/assets/	114 KB 36 KB	19ms 18ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/b797873fAsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `da5926ca7534438b698128e2ea8ec1f313f91f0f2697e007f004c6d146f822aa` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 440 etag W/"1c9ab-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fc%2F00UztbMsXCBMHYfzO%2FjPIlYOM7KYEjg%2FnRgtfX%2BMou1EkdQbRdeeIb7sAkniir7RBNTD2R0co1l6HX44NAVvk7SZZz9ud3VkqldD97irTYM2m096V%2F0juJEpl1JhbQ0t2mmgsSWRF"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd03b751da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	f4397cedTb8FG.css postsg.sbs/de/assets/	400 B 701 B	21ms 21ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/f4397cedTb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 440 etag W/"190-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSc7O0EuKrK973ltWPJACyyRfDK%2FgNuifbqmbBFryvhy3kYinuTCl2m6F5cmn6p6LKrPO0KRwvHQJvgaFNXSJ5PcLyHp6gCdovfPTiuQ%2BTtd%2Bl6LHIeAre%2BFKJjNraqOJEe9SbTwz9PJ"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd03b771da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	39.svg postsg.sbs/de/layout/images/	904 B 809 B	17ms 16ms	Image image/svg+xml	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://postsg.sbs/de/layout/images/39.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a6b35b6b7cabb9d33c2e1d6afef2d5f546a2fd3912f5f3e96495cd64218b9251` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 440 etag W/"388-18fc34610a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DY%2F5d3JjcsRvZpxEwsvzwCrzZwCHyjoE5T6cssx59rL%2F9nu4ay0QtBffn13IZwRAiCjUr9K0RgzaovQLcHWacTUSYYwAVGSksyQMum2RWYMITsTknkyDAtlnAVQxJ56o%2BuP2DCgmMu%2F6"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd0bbea1da4-FRA alt-svc h3=":443"; ma=86400

postsg.sbs Open in urlscan Pro 2606:4700:3036::ac43:bde2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

616 kBTransfer

1462 kBSize

0 Cookies

97 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

postsg.sbs Open in urlscan Pro
2606:4700:3036::ac43:bde2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

616 kB
Transfer

1462 kB
Size

0
Cookies

34 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!