projectbelportable.pages.dev Open in urlscan Pro
172.66.47.204 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://projectbelportable.pages.dev/
Effective URL:
https://projectbelportable.pages.dev/
Submission Tags: threatview.io malwar3ninja rule: suspected phishing scam automated-submission Search All
Submission: On November 24 via api (November 24th 2024, 6:14:48 am UTC) from DE — Scanned from DE

Summary HTTP 22 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 172.66.47.204, located in United States and belongs to CLOUDFLARENET, US. The main domain is projectbelportable.pages.dev.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.

This is the only time projectbelportable.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 14	172.66.47.204 172.66.47.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	78.24.199.2 78.24.199.2	43682 (EE-SEB-AS...) (EE-SEB-AS AS SEB Pank)
5	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	78.24.199.8 78.24.199.8	43682 (EE-SEB-AS...) (EE-SEB-AS AS SEB Pank)
22	5

14 172.66.47.204 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

projectbelportable.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.24.199.2 (Estonia) 1 redirects

ASN43682 (EE-SEB-AS AS SEB Pank, EE)
PTR: www.seb.ee

www.seb.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seb.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.24.199.8 (Estonia)

ASN43682 (EE-SEB-AS AS SEB Pank, EE)
PTR: ibanka.seb.lv

ibanka.seb.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	pages.dev 1 redirects projectbelportable.pages.dev	27 KB
5	gstatic.com fonts.gstatic.com	65 KB
4	seb.ee 1 redirects www.seb.ee seb.ee — Cisco Umbrella Rank: 972134	14 KB
1	seb.lv ibanka.seb.lv	23 KB
22	4

	Domain	Requested by
14	projectbelportable.pages.dev	1 redirects projectbelportable.pages.dev
5	fonts.gstatic.com	projectbelportable.pages.dev
3	www.seb.ee	projectbelportable.pages.dev www.seb.ee
1	ibanka.seb.lv
1	seb.ee	1 redirects
22	5

This site contains links to these domains. Also see Links.

Domain
ibanka.seb.lv
www.seb.lv

Subject Issuer	Validity	Valid
projectbelportable.pages.dev WE1	`2024-10-29` - `2025-01-27`	3 months	crt.sh
www.seb.ee GlobalSign RSA OV SSL CA 2018	`2024-05-27` - `2025-06-28`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ibanka.seb.lv GlobalSign GCC R3 DV TLS CA 2020	`2024-10-01` - `2025-11-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://projectbelportable.pages.dev/
Frame ID: EC29501037BE8179E8E546E8B69A3C36
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SEB internetbankas atkārtota aktivizēšana

Page URL History Show full URLs

http://projectbelportable.pages.dev/ HTTP 307
https://projectbelportable.pages.dev/ Page URL
https://projectbelportable.pages.dev/cdn-cgi/phish-bypass?atok=l._ztmDxgQ19.fA9efTesGw4kJed..ZERfoRWL3QW5A-173242... HTTP 301
https://projectbelportable.pages.dev/ Page URL

Page Statistics

22
Requests

95 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

128 kB
Transfer

242 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://ibanka.seb.lv/ib/
Title: SEB bankas logotips

Search URL Search Domain Scan URL

URL: https://www.seb.lv/privatpersonam/ikdienas-pakalpojumi/riki-un-tiessaistes-pakalpojumi/internetbanka
Title: Uzzināt vairāk

Search URL Search Domain Scan URL

URL: https://www.seb.lv/infotelpa/finansu-krapniecibas-slazdi-ka-sevi-pasargat
Title: kā sevi pasargāt?

Search URL Search Domain Scan URL

URL: https://www.seb.lv/privatuma-politika-ieprieks-datu-apstrades-principi-0
Title: Privātuma politika

Search URL Search Domain Scan URL

URL: https://www.seb.lv/kontakti
Title: Kontakti

Search URL Search Domain Scan URL

URL: https://www.seb.lv/kontakti#as-seb-banka
Title: Rekvizīti

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://projectbelportable.pages.dev/ HTTP 307
https://projectbelportable.pages.dev/ Page URL
https://projectbelportable.pages.dev/cdn-cgi/phish-bypass?atok=l._ztmDxgQ19.fA9efTesGw4kJed..ZERfoRWL3QW5A-1732428878-0.0.1.1-%2F HTTP 301
https://projectbelportable.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://projectbelportable.pages.dev/ HTTP 307
https://projectbelportable.pages.dev/

Request Chain 21

https://seb.ee/sites/default/files/bus_apps/chat_v2/prod/images/icon-bot-bubble.svg HTTP 301
https://www.seb.ee/sites/default/files/bus_apps/chat_v2/prod/images/icon-bot-bubble.svg

22 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

/ Show response
projectbelportable.pages.dev/
Redirect Chain

http://projectbelportable.pages.dev/
https://projectbelportable.pages.dev/

4 KB
2 KB

335ms
12ms

Document
text/html

172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e657b04b05d0934eb2afbca0ebef5f226ed4935ce36cc679cd4e30ec634d6e3d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-ray: 8e77428a3e5e68f5-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Nov 2024 06:14:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hs6iz5GyRvhGDxlnbcNKYX1Ha8qn1c%2BcWDFtim0Vp4Xt7ubpjPEZZaXRaTd0GD%2FPcYxreF3x8Smq1dpVVeg%2FfaQsdjgyvYnjqsNF38XRUV4v0WajhY6GEbpFl2DyPV3GX%2BnBf%2FcV3VnycvNi%2BILD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://projectbelportable.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H2 200 cf.errors.css
projectbelportable.pages.dev/cdn-cgi/styles/ 23 KB
5 KB 9ms
8ms Stylesheet
text/css 172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/cdn-cgi/styles/cf.errors.css

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://projectbelportable.pages.dev/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"673dd3b7-5df3"
x-content-type-options: nosniff
cf-ray: 8e77428a6e7168f5-FRA
expires: Sun, 24 Nov 2024 08:14:38 GMT
date: Sun, 24 Nov 2024 06:14:38 GMT
content-type: text/css
last-modified: Wed, 20 Nov 2024 12:19:03 GMT
server: cloudflare
x-frame-options: DENY

GET
H2 200 icon-exclamation.png
projectbelportable.pages.dev/cdn-cgi/images/ 452 B
541 B 10ms
10ms Image
image/png 172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://projectbelportable.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://projectbelportable.pages.dev/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "673dd3b7-1c4"
x-content-type-options: nosniff
cf-ray: 8e77428a8e7b68f5-FRA
expires: Sun, 24 Nov 2024 08:14:38 GMT
accept-ranges: bytes
content-length: 452
date: Sun, 24 Nov 2024 06:14:38 GMT
content-type: image/png
last-modified: Wed, 20 Nov 2024 12:19:03 GMT
server: cloudflare
x-frame-options: DENY

GET
H2 403 favicon.ico
projectbelportable.pages.dev/ 4 KB
2 KB 11ms
11ms Other
text/html 172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b0b868a765ca0b7f9fc00d84c95bfb49ae1c784e54bedde2e88b9839671cb4e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://projectbelportable.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2STtnZZV3Tf%2FyOM8XhqX%2FxlL0FZnEod6K7RV%2FOOFW1kNaoX6pKIxbHa45ksHWJNOWZk0QYsTn7b5onWdZrg1JgIO4J2KYJgtXpUG0C8nH06pIX3ZFEAiS3ZV72sVdRl06z357UWosqjOaKo2UKE%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e77428a9e8968f5-FRA
date: Sun, 24 Nov 2024 06:14:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2

200

Primary Request / Show response
projectbelportable.pages.dev/
Redirect Chain

https://projectbelportable.pages.dev/cdn-cgi/phish-bypass?atok=l._ztmDxgQ19.fA9efTesGw4kJed..ZERfoRWL3QW5A-1732428878-0.0.1.1-%2F
https://projectbelportable.pages.dev/

97 KB
17 KB

183ms
181ms

Document
text/html

172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5955e7bb651729441fd6163242d6fcc72bcb019097e275e56d686b5fc46cb0f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://projectbelportable.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8e7742a72d5d68f5-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 24 Nov 2024 06:14:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IOWE7jig%2BXRimVUncphBhE%2Bgzc6oZyDDDMBGeF%2Buyi1FDwrOey57Iyf5s2S%2BKXTiuux3mu%2BtXxRWVX6WaH17aPnApKCn5H5TMdVKeX4xmWtPcoRLxyh3mNZtVxR0FznsfxeIK1ZOaSDCaJxlOGSR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=6184&sent=33&recv=29&lost=0&retrans=0&sent_bytes=14429&recv_bytes=2925&delivery_rate=2031140&cwnd=255&unsent_bytes=0&cid=41dd6627fc044e5c&ts=4823&x=0"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cache-control: private, no-cache
cf-ray: 8e7742a71d5568f5-FRA
content-length: 167
content-type: text/html
date: Sun, 24 Nov 2024 06:14:43 GMT
location: https://projectbelportable.pages.dev/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 403 chunk-HLHYB3YI.js
projectbelportable.pages.dev/ 0
0 14ms
12ms Script
text/html 172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/chunk-HLHYB3YI.js

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://projectbelportable.pages.dev
Referer: https://projectbelportable.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2z7DgyxslMN9jek%2B1OYmLwY4lz0Tat3QFdzzUJ90iIgL1tIoZmjEkd%2Fbv1fVogEpVJh5yGwiWh5gKlxOAHidayL4Qo2S4a7qPd3jA5msy2Hftb%2Bjb%2Bnnbbco1jgipIVMxuaPDq7h2i0iuoDu4tZ9"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e7742a85daf68f5-FRA
date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 403 runtime.fbfb1060a1578071.js.t%C3%A9l%C3%A9chargement
projectbelportable.pages.dev/Login_files/ 0
0 19ms
17ms Script
text/html 172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/Login_files/runtime.fbfb1060a1578071.js.t%C3%A9l%C3%A9chargement

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://projectbelportable.pages.dev
Referer: https://projectbelportable.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iP5mze2GmbaVdGfi0gD%2FXmPMcAMgW5SIox8Eb1D%2FWLuQsM6tCkj2ho%2Bx%2FhIxlRSabnMDOGeud4bTBW%2BiJdoBImNvpFjC04VypdYE1g7Z9J7ksRgFMm3l3%2FJ9Y814SKloCxW4MiJJUuDaTPHPIYj"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e7742a85db168f5-FRA
date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 403 polyfills.62f8c013f9d73cf1.js.t%C3%A9l%C3%A9chargement
projectbelportable.pages.dev/Login_files/ 0
0 16ms
14ms Script
text/html 172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/Login_files/polyfills.62f8c013f9d73cf1.js.t%C3%A9l%C3%A9chargement

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://projectbelportable.pages.dev
Referer: https://projectbelportable.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jUDHkrg8cvjjMFR4fVbbBj0rEoopmMbsj2KzNPayNN%2Fcb6IxFpjvVsB3EKf24H%2BsThpG0K9bHWcPHKEj8Ry%2B%2F3lRKc5BNMqLcNbHfSeJQ2nnV7tdvNent0ZvpINfuokiltQ8XtwFEPxDJR7l%2FpzJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e7742a85db368f5-FRA
date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 403 main.e91e52be86d40e66.js.t%C3%A9l%C3%A9chargement
projectbelportable.pages.dev/Login_files/ 0
0 17ms
16ms Script
text/html 172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/Login_files/main.e91e52be86d40e66.js.t%C3%A9l%C3%A9chargement

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://projectbelportable.pages.dev
Referer: https://projectbelportable.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W28snwzcj2rq0DHcvlU%2FBEj8BOL9oParNcEXgbezjN7MjaVLPvQPtiiih093J%2BacGFxV5cWHIL7sfhfmTbnzF0Hopxnp0%2BAQR9xm75PISFDW9%2FfzfHo96joZzHbN2x%2BoUyTMiySt0hoUi2vun3bH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e7742a85db468f5-FRA
date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 403 Loader-prelogin-lv.js.t%C3%A9l%C3%A9chargement
projectbelportable.pages.dev/Login_files/ 0
0 12ms
11ms Script
text/html 172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/Login_files/Loader-prelogin-lv.js.t%C3%A9l%C3%A9chargement

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://projectbelportable.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5EwdhykV4KLUHYChizP0IqVZVLClUWY%2F70LRAigKpIlxRrs2BpNGr3FN3s12X9Rnqf7F0WhkT8RdhB9r%2BOIOjSZsl7D0ZQFIdxCNkvBh7T1GZ6H3XXsbGL4xewbzxVCTqZi6bO7XB08wijAmV9Ug"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e7742a86db868f5-FRA
date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK style.css
www.seb.ee/sites/default/files/bus_apps/chat_v2/prod/ 21 KB
7 KB 184ms
47ms Stylesheet
text/css 78.24.199.2
EE-SEB-AS AS SEB ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.seb.ee/sites/default/files/bus_apps/chat_v2/prod/style.css?1717274222550

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.24.199.2 , Estonia, ASN43682 (EE-SEB-AS AS SEB Pank, EE),

Reverse DNS

www.seb.ee

Software

nginx /

Resource Hash

6912ab1043c2dc130565ccec7aea7740c80d1762d3ffb85a2a4dba7650001886

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .baltic.seb.net .seb.lv .seb.ee .seb.lt http://localhost:* 'unsafe-inline' 'unsafe-eval' .youtube-nocookie.com .evergage.com; connect-src 'self' .baltic.seb.net .seb.lv .seb.ee .evergage.com .youtube-nocookie.com; img-src 'self' data: .baltic.seb.net .seb.lv .seb.ee seb.ee .evergage.com survey.synopticom.com .youtube-nocookie.com; script-src 'self' .baltic.seb.net .seb.lv .seb.ee http://localhost: 'unsafe-inline' 'unsafe-eval' www.flv.baltic.seb.net cdn.evgnet.com .evergage.com survey.synopticom.com .youtube-nocookie.com; style-src 'self' .baltic.seb.net .seb.lv .seb.ee https://cdnjs.cloudflare.com https://survey.synopticom.com .evergage.com 'unsafe-inline' .youtube-nocookie.com; frame-src 'self' .baltic.seb.net .seb.lv .seb.ee https://player.vimeo.com https://www.youtube.com https://youtu.be https://cdn.evergage.com https://survey.synopticom.com *.youtube-nocookie.com; font-src 'self' data:; object-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://projectbelportable.pages.dev/

Response headers

Content-Encoding: gzip
etag: "545b-62779f39de000"
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 06:14:43 GMT
date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: text/css
Vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 05:49:52 GMT
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee *.seb.lt http://localhost:* 'unsafe-inline' 'unsafe-eval' *.youtube-nocookie.com *.evergage.com; connect-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee *.evergage.com *.youtube-nocookie.com; img-src 'self' data: *.baltic.seb.net *.seb.lv *.seb.ee seb.ee *.evergage.com survey.synopticom.com *.youtube-nocookie.com; script-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee http://localhost:* 'unsafe-inline' 'unsafe-eval' www.flv.baltic.seb.net cdn.evgnet.com *.evergage.com survey.synopticom.com *.youtube-nocookie.com; style-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee https://cdnjs.cloudflare.com https://survey.synopticom.com *.evergage.com 'unsafe-inline' *.youtube-nocookie.com; frame-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee https://player.vimeo.com https://www.youtube.com https://youtu.be https://cdn.evergage.com https://survey.synopticom.com *.youtube-nocookie.com; font-src 'self' data:; object-src 'self'; worker-src 'self' blob:;
cache-control: max-age=1209600
x-txn-id: 0A8673FB:D7F0_0A640A1A:5222_6742C453_1A5F466:0009
Connection: Keep-Alive
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 6029
server: nginx

GET
H/1.1 200
OK icon-send.svg
www.seb.ee/sites/default/files/bus_apps/chat_v2/prod/images/ 657 B
2 KB 182ms
46ms Image
image/svg+xml 78.24.199.2
EE-SEB-AS AS SEB ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.seb.ee/sites/default/files/bus_apps/chat_v2/prod/images/icon-send.svg

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.24.199.2 , Estonia, ASN43682 (EE-SEB-AS AS SEB Pank, EE),

Reverse DNS

www.seb.ee

Software

nginx /

Resource Hash

0d13d5112a0ca99a1d2d221a63fd33e68adbd4c291e8087688ba0a7477aedd41

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .baltic.seb.net .seb.lv .seb.ee .seb.lt http://localhost:* 'unsafe-inline' 'unsafe-eval' .youtube-nocookie.com .evergage.com; connect-src 'self' .baltic.seb.net .seb.lv .seb.ee .evergage.com .youtube-nocookie.com; img-src 'self' data: .baltic.seb.net .seb.lv .seb.ee seb.ee .evergage.com survey.synopticom.com .youtube-nocookie.com; script-src 'self' .baltic.seb.net .seb.lv .seb.ee http://localhost: 'unsafe-inline' 'unsafe-eval' www.flv.baltic.seb.net cdn.evgnet.com .evergage.com survey.synopticom.com .youtube-nocookie.com; style-src 'self' .baltic.seb.net .seb.lv .seb.ee https://cdnjs.cloudflare.com https://survey.synopticom.com .evergage.com 'unsafe-inline' .youtube-nocookie.com; frame-src 'self' .baltic.seb.net .seb.lv .seb.ee https://player.vimeo.com https://www.youtube.com https://youtu.be https://cdn.evergage.com https://survey.synopticom.com *.youtube-nocookie.com; font-src 'self' data:; object-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://projectbelportable.pages.dev/

Response headers

etag: "291-62779f3ad2240"
Age: 0
x-content-type-options: nosniff
Expires: Sun, 08 Dec 2024 06:14:44 GMT
Date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: image/svg+xml
Vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 05:49:53 GMT
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee *.seb.lt http://localhost:* 'unsafe-inline' 'unsafe-eval' *.youtube-nocookie.com *.evergage.com; connect-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee *.evergage.com *.youtube-nocookie.com; img-src 'self' data: *.baltic.seb.net *.seb.lv *.seb.ee seb.ee *.evergage.com survey.synopticom.com *.youtube-nocookie.com; script-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee http://localhost:* 'unsafe-inline' 'unsafe-eval' www.flv.baltic.seb.net cdn.evgnet.com *.evergage.com survey.synopticom.com *.youtube-nocookie.com; style-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee https://cdnjs.cloudflare.com https://survey.synopticom.com *.evergage.com 'unsafe-inline' *.youtube-nocookie.com; frame-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee https://player.vimeo.com https://www.youtube.com https://youtu.be https://cdn.evergage.com https://survey.synopticom.com *.youtube-nocookie.com; font-src 'self' data:; object-src 'self'; worker-src 'self' blob:;
cache-control: max-age=1209600
x-txn-id: 0A8673FB:2290_0A640A1A:5222_67426613_1880981:0009
Connection: Keep-Alive
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 657
server: nginx

GET
H2 403 polyfills-S3BTP7ME.js
projectbelportable.pages.dev/ 0
0 17ms
16ms Script
text/html 172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/polyfills-S3BTP7ME.js

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://projectbelportable.pages.dev
Referer: https://projectbelportable.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SkLW9rDm7GBJRcWaJPXuQI8UHBngeL%2Fzbk%2F8il%2BgvlNKfg0PKJ9UGJwCNr4YlwPW9w61s%2B9G2kNuhZmbcbyLV89FV8cUeqCr36G%2BaeodqJ6PRo%2Fe7C5IYCaGNK95baLzHCJp9wKPyFBQAu6iLaY9"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e7742a85db568f5-FRA
date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 403 main-35TS4ADL.js
projectbelportable.pages.dev/ 0
0 17ms
17ms Script
text/html 172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/main-35TS4ADL.js

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://projectbelportable.pages.dev
Referer: https://projectbelportable.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9a8nONem5dnSSD5pkqq1bq%2FHMsuy4peZ0k58zWpMBwtIp17E8lw0ir0TQp8sTjU%2B5OGJ07pGMOON0eA4Ri%2BAhfkPDUnylxThLCTq%2BiQDNegLGA3FzATzNB9bP52uo4nIKTD3NP2CNc6cknRz%2BSE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e7742a85db668f5-FRA
date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 403 styles-74ZS44X7.css
projectbelportable.pages.dev/ 0
0 14ms
14ms Stylesheet
text/html 172.66.47.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projectbelportable.pages.dev/styles-74ZS44X7.css

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.47.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://projectbelportable.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFIT6fk7qHHpVC4%2Bs9igQ%2Fll8kdaXYOHZ%2Bzdj1VXFV1Vt%2BV%2BLpVGa%2B7gWagb%2FI5t%2FggXivbxLkG8qnn3Grx9Iy%2Bkq3GExfiy0LLQi1R%2FacnFSURc6ti8Q4peTYRs0vKmbP2PQaSkxf5MOr7Oki8I"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e7742a86db968f5-FRA
date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d05ce9badaef486035e0e04af4fa06fcdbe633996b7dbd0b1cf54618bf7a460d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d636d2971c17b491c12bfb21d41f9d00215dc8ff3b723b2ac6a937637cd4095

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 337ms
8ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://projectbelportable.pages.dev
Referer: https://projectbelportable.pages.dev/

Response headers

age: 460174
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 22:25:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 22:25:09 GMT
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15920
x-xss-protection: 0
server: sffe

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 343ms
15ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://projectbelportable.pages.dev
Referer: https://projectbelportable.pages.dev/

Response headers

age: 433241
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 05:54:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 05:54:02 GMT
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15744
x-xss-protection: 0
server: sffe

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 335ms
7ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://projectbelportable.pages.dev
Referer: https://projectbelportable.pages.dev/

Response headers

age: 458064
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 23:00:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 23:00:19 GMT
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11800
x-xss-protection: 0
server: sffe

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 341ms
13ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://projectbelportable.pages.dev
Referer: https://projectbelportable.pages.dev/

Response headers

age: 468183
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 20:11:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 20:11:40 GMT
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9840
x-xss-protection: 0
server: sffe

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 342ms
14ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: projectbelportable.pages.dev
URL: https://projectbelportable.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://projectbelportable.pages.dev
Referer: https://projectbelportable.pages.dev/

Response headers

age: 451560
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 00:48:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 00:48:43 GMT
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11872
x-xss-protection: 0
server: sffe

GET
H/1.1

200
OK

icon-bot-bubble.svg
www.seb.ee/sites/default/files/bus_apps/chat_v2/prod/images/
Redirect Chain

https://seb.ee/sites/default/files/bus_apps/chat_v2/prod/images/icon-bot-bubble.svg
https://www.seb.ee/sites/default/files/bus_apps/chat_v2/prod/images/icon-bot-bubble.svg

2 KB
4 KB

40ms
40ms

Image
image/svg+xml

78.24.199.2
EE-SEB-AS AS SEB ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.seb.ee/sites/default/files/bus_apps/chat_v2/prod/images/icon-bot-bubble.svg

Requested by

Host: www.seb.ee
URL: https://www.seb.ee/sites/default/files/bus_apps/chat_v2/prod/style.css?1717274222550

Protocol

HTTP/1.1

Server

78.24.199.2 , Estonia, ASN43682 (EE-SEB-AS AS SEB Pank, EE),

Reverse DNS

www.seb.ee

Software

nginx /

Resource Hash

67e961ac76447a891ce1dfd7f13556413021224970ae8ce1ce19085aa9973c03

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .baltic.seb.net .seb.lv .seb.ee .seb.lt http://localhost:* 'unsafe-inline' 'unsafe-eval' .youtube-nocookie.com .evergage.com; connect-src 'self' .baltic.seb.net .seb.lv .seb.ee .evergage.com .youtube-nocookie.com; img-src 'self' data: .baltic.seb.net .seb.lv .seb.ee seb.ee .evergage.com survey.synopticom.com .youtube-nocookie.com; script-src 'self' .baltic.seb.net .seb.lv .seb.ee http://localhost: 'unsafe-inline' 'unsafe-eval' www.flv.baltic.seb.net cdn.evgnet.com .evergage.com survey.synopticom.com .youtube-nocookie.com; style-src 'self' .baltic.seb.net .seb.lv .seb.ee https://cdnjs.cloudflare.com https://survey.synopticom.com .evergage.com 'unsafe-inline' .youtube-nocookie.com; frame-src 'self' .baltic.seb.net .seb.lv .seb.ee https://player.vimeo.com https://www.youtube.com https://youtu.be https://cdn.evergage.com https://survey.synopticom.com *.youtube-nocookie.com; font-src 'self' data:; object-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.seb.ee/

Response headers

etag: "9cd-62779f3ad2240"
Age: 83
x-content-type-options: nosniff
Expires: Sun, 08 Dec 2024 06:13:21 GMT
Date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Nov 2024 05:49:53 GMT
x-frame-options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee *.seb.lt http://localhost:* 'unsafe-inline' 'unsafe-eval' *.youtube-nocookie.com *.evergage.com; connect-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee *.evergage.com *.youtube-nocookie.com; img-src 'self' data: *.baltic.seb.net *.seb.lv *.seb.ee seb.ee *.evergage.com survey.synopticom.com *.youtube-nocookie.com; script-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee http://localhost:* 'unsafe-inline' 'unsafe-eval' www.flv.baltic.seb.net cdn.evgnet.com *.evergage.com survey.synopticom.com *.youtube-nocookie.com; style-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee https://cdnjs.cloudflare.com https://survey.synopticom.com *.evergage.com 'unsafe-inline' *.youtube-nocookie.com; frame-src 'self' *.baltic.seb.net *.seb.lv *.seb.ee https://player.vimeo.com https://www.youtube.com https://youtu.be https://cdn.evergage.com https://survey.synopticom.com *.youtube-nocookie.com; font-src 'self' data:; object-src 'self'; worker-src 'self' blob:;
cache-control: max-age=1209600
x-txn-id: 0A8673FB:8C17_0A640A1A:5222_6742C12B_1A5EBCA:0009
Connection: Keep-Alive
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 2509
server: nginx

Redirect headers

Connection: Keep-Alive
Location: https://www.seb.ee/sites/default/files/bus_apps/chat_v2/prod/images/icon-bot-bubble.svg
Content-Length: 0

GET
H/1.1 200
OK favicon.ico
ibanka.seb.lv/ib/ 22 KB
23 KB 191ms
50ms Other
image/x-icon 78.24.199.8
EE-SEB-AS AS SEB ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ibanka.seb.lv/ib/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.24.199.8 , Estonia, ASN43682 (EE-SEB-AS AS SEB Pank, EE),

Reverse DNS

ibanka.seb.lv

Software

nginx /

Resource Hash

bd14e9440621858de00fc716b0d8252608238628ae3b2603e5b0679be0ae6960

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .evgnet.com .evergage.com seb.ee .seb.ee seb.lv .seb.lv .seb.net 'unsafe-inline' 'unsafe-eval' data: .fontawesome.com digitaltrust.feedzai.cloud .digitaltrust.feedzai.cloud; frame-src 'self' .youtube.com .vimeo.com .synopticom.com; style-src 'self' 'unsafe-inline' .fontawesome.com seb.ee .seb.ee https://fonts.googleapis.com https://sebpankas.germany-2.evergage.com https://absebbankas.germany-2.evergage.com; font-src 'self' *.fontawesome.com https://fonts.gstatic.com https://sebpankas.germany-2.evergage.com https://absebbankas.germany-2.evergage.com; worker-src 'self' blob:; img-src https: data: blob: cdn.evergage.com i.vimeocdn.com i.ytimg.com; connect-src 'self';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://projectbelportable.pages.dev/

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self' *.evgnet.com *.evergage.com seb.ee *.seb.ee seb.lv *.seb.lv *.seb.net 'unsafe-inline' 'unsafe-eval' data: *.fontawesome.com digitaltrust.feedzai.cloud *.digitaltrust.feedzai.cloud; frame-src 'self' *.youtube.com *.vimeo.com *.synopticom.com; style-src 'self' 'unsafe-inline' *.fontawesome.com seb.ee *.seb.ee https://fonts.googleapis.com https://sebpankas.germany-2.evergage.com https://absebbankas.germany-2.evergage.com; font-src 'self' *.fontawesome.com https://fonts.gstatic.com https://sebpankas.germany-2.evergage.com https://absebbankas.germany-2.evergage.com; worker-src 'self' blob:; img-src https: data: blob: cdn.evergage.com i.vimeocdn.com i.ytimg.com; connect-src 'self';
x-txn-id: 0A8673FB:DEE0_0A641E02:59DA_6742C452_28F5AC7:0009
etag: "673ca656-598e"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 22926
date: Sun, 24 Nov 2024 06:14:43 GMT
content-type: image/x-icon
last-modified: Tue, 19 Nov 2024 14:53:10 GMT
server: nginx
x-frame-options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| formatCPR function| formatCardNumber function| formatExpirationDate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.projectbelportable.pages.dev/	1970-01-21 01:15:15	Name: __cf_mw_byp Value: l._ztmDxgQ19.fA9efTesGw4kJed..ZERfoRWL3QW5A-1732428878-0.0.1.1-/

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://projectbelportable.pages.dev/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://projectbelportable.pages.dev/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://projectbelportable.pages.dev/chunk-HLHYB3YI.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://projectbelportable.pages.dev/styles-74ZS44X7.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://projectbelportable.pages.dev/Login_files/polyfills.62f8c013f9d73cf1.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://projectbelportable.pages.dev/Login_files/main.e91e52be86d40e66.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://projectbelportable.pages.dev/polyfills-S3BTP7ME.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://projectbelportable.pages.dev/main-35TS4ADL.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://projectbelportable.pages.dev/Login_files/runtime.fbfb1060a1578071.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://projectbelportable.pages.dev/Login_files/Loader-prelogin-lv.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
ibanka.seb.lv
projectbelportable.pages.dev
seb.ee
www.seb.ee
142.250.185.195
172.66.47.204
78.24.199.2
78.24.199.8
0d13d5112a0ca99a1d2d221a63fd33e68adbd4c291e8087688ba0a7477aedd41
2d636d2971c17b491c12bfb21d41f9d00215dc8ff3b723b2ac6a937637cd4095
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
4b0b868a765ca0b7f9fc00d84c95bfb49ae1c784e54bedde2e88b9839671cb4e
5955e7bb651729441fd6163242d6fcc72bcb019097e275e56d686b5fc46cb0f9
67e961ac76447a891ce1dfd7f13556413021224970ae8ce1ce19085aa9973c03
6912ab1043c2dc130565ccec7aea7740c80d1762d3ffb85a2a4dba7650001886
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bd14e9440621858de00fc716b0d8252608238628ae3b2603e5b0679be0ae6960
d05ce9badaef486035e0e04af4fa06fcdbe633996b7dbd0b1cf54618bf7a460d
e657b04b05d0934eb2afbca0ebef5f226ed4935ce36cc679cd4e30ec634d6e3d
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

projectbelportable.pages.dev Open in urlscan Pro 172.66.47.204 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

22 Requests

95 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

128 kBTransfer

242 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

10 Console Messages

Security Headers

projectbelportable.pages.dev Open in urlscan Pro
172.66.47.204 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

128 kB
Transfer

242 kB
Size

1
Cookies

22 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!