postsg.sbs Open in urlscan Pro
2606:4700:3036::ac43:bde2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/...
Effective URL:
https://postsg.sbs/de/
Submission: On July 29 via api (July 29th 2024, 10:19:42 pm UTC) from US — Scanned from US

Summary HTTP 35 Redirects Links 97 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3036::ac43:bde2, located in United States and belongs to CLOUDFLARENET, US. The main domain is postsg.sbs.
TLS certificate: Issued by WE1 on July 15th 2024. Valid for: 3 months.

This is the only time postsg.sbs was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 36	2606:4700:303... 2606:4700:3036::ac43:bde2		13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	1

36 2606:4700:3036::ac43:bde2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

postsg.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	postsg.sbs 1 redirects postsg.sbs	617 KB
35	1

	Domain	Requested by
36	postsg.sbs	1 redirects postsg.sbs
35	1

This site contains links to these domains. Also see Links.

Domain
www.dhl.de
www.dhl.com
www.dpdhl.de
www.deutschepost.de
www.facebook.com
www.instagram.com
onetrust.com

Subject Issuer	Validity	Valid
postsg.sbs WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://postsg.sbs/de/
Frame ID: 92C982244C70F8F82E8CDCEF32F1AF9B
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de/... HTTP 307
https://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de/... HTTP 301
https://postsg.sbs/de/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

35
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

617 kB
Transfer

1462 kB
Size

0
Cookies

97 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dhl.de/de/privatkunden.html

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response postsg.sbs/de/ Redirect Chain http://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/de//de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//... https://postsg.sbs/de?a=rr-hi//de//de//de/de/de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/de//de/de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de//de/... https://postsg.sbs/de/	2 KB 1 KB	97ms 96ms	Document text/html	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a98d4c11d3a2e09c6131d66e63a7645d47d4145688917f7b1e4a9da9802c6c0c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=86400 cf-cache-status DYNAMIC cf-ray 8ab07dd28c04c32c-EWR content-encoding br content-type text/html; charset=utf-8 date Mon, 29 Jul 2024 22:19:36 GMT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pNNDl%2BQzuunPdJeMKlStnQOCfc2A5tR9Ofjvp2mg5%2F5r%2B074dZfaHNJvNs%2FV6E67dpmOodvWITPNz38XvOGEqSFUWVNVUuvU6P5dozYoRgqZJfVsG1xez2D4FUB0rShxgL8McsbI0Nnf"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8ab07dd17af6c32c-EWR content-type text/html; charset=utf-8 date Mon, 29 Jul 2024 22:19:36 GMT location /de/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=91SDEB07btdHBsZ7DOdkyfOdxFGfUFg4rL0O6ISTpqVhdVjDmUJ3MC08G%2BBwBC9C5HBpp97xm%2BnNNXPVWDkSKx5W%2Bboy3T62%2B9A0u8vkOy%2BtK%2Fqmv5tPkPFXBfmLPUavDlyU1KvEEj3w"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept
GET H3	200	index-601fab58.js Show response postsg.sbs/de/assets/	492 KB 147 KB	19ms 18ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/index-601fab58.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ab6b565c32053403b1604087bb87fb827c9946200d319a4bbae9c27487e9b991` Request headers Referer https://postsg.sbs/de/ Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 25901 etag W/"7b1c0-18fc3464750" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2F13DfJ0%2BOG%2BxOKjymTtqNFKy38KR0cOngMjQwTJ66Z4NRNcdyEJ3%2Bo69O9%2Bby3tzthm03WhYdGmSymRgTrD5zUDMrdUPSmRMeRXxuWYYUJ2%2FGHwfAO1hoTGsV2GYKEDcBImZHAPxHnO"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd38cfec32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	f6170fbbTb8FG.css postsg.sbs/de/assets/	952 B 885 B	41ms 40ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/f6170fbbTb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2875 etag W/"3b8-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zrsNi2eKtEL5nghguO293UPTyGQb03MgzMm4P3O1uhgBgBblqntlghK2QZ6AX0tuYiMWM%2Fjng7UuH%2FEb5q%2FuYVEOnBFCsHkkAwMyvu37llRBWT5L5AMoFhf2sXekMGkOqZFx4DT475VV"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd38d01c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	7170d3c8AsrCt.js Show response postsg.sbs/de/assets/	5 KB 2 KB	18ms 17ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/7170d3c8AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f63a050bf60976d4618a0c8f25e373571a990f565f846a94c7651e0f72f073a1` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21656 etag W/"1284-18fc3462fe0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIVsnRPkgQ5CrsoGsozJMwhDmaZe%2BpBM9Ouy0QYALuwKaR3jCoTXfr%2F43McNIJ9ok8oi3XCp5tRZl3P5DB0E%2B1Clchb1pYjx29d7vH2f3jhEfoqITH5mLRk0rI2Bnz29AMp5XR43OoMb"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd41d68c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	14384689AsrCt.js Show response postsg.sbs/de/assets/	52 KB 17 KB	18ms 17ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/14384689AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f9654f33e28c829521ba7e4fa69585056d41fe8588a195e617c7816c4058d86f` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 25900 etag W/"cf7f-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APvKDg6xPm2fmN401U5plg%2FbRa86Vr%2BKL6LpxuAY3xEwS8lIym8hCOm5D3mPYKJcbtZjTavkQ5nDZ5IEX%2B5tqJ1V7MQ6Q9GyDn7HlO3T6iLNRV4qG0zN0SNC%2Bq5KRddgm47rybZKKJng"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd41d6ac32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico postsg.sbs/	1 KB 2 KB	20ms 19ms	Other image/vnd.microsoft.icon	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `97d10bb1dd52bf50f217b414913db126771d4d2cb96439054891d0b0e08667ac` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:36 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 86190 etag W/"46a-18fc34610a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRLMHGpmDA9r07aCDjJ6W0lN9E8IwEA3m%2FCYlIRrg%2B7BI1ueFbuVPje5Ni37BYF%2FrUzTcX4%2BbCQrijShESza7zyiR%2B2BvvgwyLWAcEp4udAy000W5VjMhP3wzitblW%2B61CsjN%2B6AkHGM"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd42d72c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	5d2f83d5AsrCt.js Show response postsg.sbs/de/assets/	34 KB 11 KB	19ms 18ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/5d2f83d5AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `03323c063d2da055f367702462c8f63d42512f3971152b377f20bca5f1d645e4` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 25901 etag W/"88e7-18fc3462fe0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4W3LwmWNEYdBFLlaxR3a70BKuj22%2FEh0oWmarCO%2BTQVPEkFTxktPVBpVi2L4g3Fk4auJiohTR%2BoYkpTumN%2FTt2QNLuKLgBX9Bknufbl%2FWR%2BCezbqYSW0LZeYOnVOn%2F995Mry%2BFd3vGm6"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd44da2c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	09bf01f8AsrCt.js Show response postsg.sbs/de/assets/	2 KB 1 KB	19ms 18ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/09bf01f8AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `669f632a81707744e6e7b6c1fdd5ee87ded7931ceca5442a4e87bc7019f4d6e8` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 25901 etag W/"833-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r0ttbN1oy5n%2B%2B9Y3WwKlC8zT3isnzmWZ9BrRMFVzp7mcP98H3HsAKOhhe26citHofKaPWdP5XQ7knJxb522iLX5r9rwxtMBprkhVHo0Z4Db%2BNlQwf2Cb0lvRLee3FrdrLUJrIqQ%2BfBrR"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd44da5c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	aafc41ccAsrCt.js Show response postsg.sbs/de/assets/	3 KB 2 KB	26ms 25ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/aafc41ccAsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `304c944d0423ccd9a83c5195b9d4bb758e0c95a7b10524e6ea7c49f176a11ba1` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 25901 etag W/"a84-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zReNhQVbAIAJuPqpcwy4GMb3d%2FyoAur1k3nujQ1UHGTgm6EwcBfENB38TAI5BqMue0RNihe%2BdDs%2Bxa7xnMZ2nU4sfND9im%2BFhFctSh6Go08%2Fh9y%2FW6KsihDZJYK5WVI1df7W%2FsugpL%2BZ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd44da6c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	83ec9905AsrCt.js Show response postsg.sbs/de/assets/	206 KB 43 KB	23ms 21ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/83ec9905AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e6555597cd5a17e1f31e5bedb48e1c761907529fffa3c15330a3dab9e6ee83ee` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 25901 etag W/"336fa-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5urqaZt7lNk4VXUIE%2FYwL%2FCvyi3NRNKzAwXnlUcvwB2F7swx%2BY7CRYgCsfiNfXowWDGIpVdPZ2Eb4sSOxrxtYxvhf3f0ob9R1xPAMBrHNXPrQs9EsDfOSy0qquzvaGiLglh2nfCsHGQ5"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd44da7c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	c27b6911AsrCt.js Show response postsg.sbs/de/assets/	2 KB 1 KB	22ms 21ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/c27b6911AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `890f397c758cf1749ed778c5d69d5d3913eda99bb71ae2b2fb4ebe76821c7f01` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 25901 etag W/"733-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bEaqNcWVdsTisSPREnT%2FdobMUV88gssUC3Sd7of38xIVm%2F120deRAYar9J3pWDlacxOaBEXTY5DupCSG7iRjlwf9FJKQzsmpu7M4FmEhEBHxJbYNg6u2358mY9VWoOOy202twCAvkxmD"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd44da8c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	d5bb296dTb8FG.css postsg.sbs/de/assets/	136 KB 20 KB	23ms 22ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/d5bb296dTb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5bb296d446864985bd8a8274cca8de41192a7248eb0088f678bd5bacd96d00f` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2876 etag W/"21ecc-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKFJ%2F1U3BXyGWJvIjtMJ3hug2PpFMlOSpPAmM0YAItxyfkNInhuUWw8JcljVPZwuMLnRhFvEL%2Fj3Tik5dx%2B%2FXUaNIFFr4Bclv6KQKdxtuI96QnU7dgqFMxZ9RL4wg7Gd1mP9CGfNRlKb"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd44da9c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	aac13bf3AsrCt.js Show response postsg.sbs/de/assets/	6 KB 3 KB	23ms 21ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/aac13bf3AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0d7059a8c703a40459d32247ce300adfee1d12116801b4e8bf0ae16085a7a751` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 25901 etag W/"1898-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqL8Qt%2FuelIrY2BzGmGII5VRpPqISU8v9xvq4RZql%2FyQiV5D1yBUwLG8unIiLTmQOHOuKx1ugUFo%2B95UlRurqYCCsa4A2TAZKjSJkpviLgzk1Yz1CGVJJMoQQrfE%2F%2Fwu%2FaOmkzDCzJCr"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd44dabc32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	4cd1ec68Tb8FG.css postsg.sbs/de/assets/	323 B 650 B	26ms 24ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/4cd1ec68Tb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2876 etag W/"143-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cwltBYxwbTtmDbfrw%2BTj7Q3tTKrQkqS42VSb133ve0aJWo%2Fb5Dxmb0m8%2FhkMa8d0KQ8%2F9f%2B44usCrnzssrZuElbjXgziBScu%2FPXXszv60UZMxS0vqDGGUAvjp8Lm%2Fa9ZMKpI%2FuYx6Lu9"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd44dadc32c-EWR alt-svc h3=":443"; ma=86400
POST H3	200	MC42MDc5MTA4NTA3NDgwNTEz Show response postsg.sbs/api/	1 KB 1 KB	100ms 98ms	XHR application/json	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/api/MC42MDc5MTA4NTA3NDgwNTEz Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `93a79ab600220230b339cecdf36f8883b3eeb1f9df1dc67a2c962c50fb7a09ba` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/encrypt Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"490-VdNgOdvdMKgihoNLpnGFl1iUuC0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DqhDJVQr30yuoiNYjuS86YF9L8tezrtRcdvp%2Br%2BKOVSQxOeojGaIpR36JeEYGGLHsU5fQoW4Uly88SdG3u6Xwo0czlgUp2VWUQkGnil4ezVlvkFKfFyyPrdu6%2BIkQaELh3lIvS%2FPqxD9"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 8ab07dd4adf7c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	375c4ed8AsrCt.js Show response postsg.sbs/de/assets/	110 KB 33 KB	18ms 18ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/375c4ed8AsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e966dddeca28d04633f8580074bcc3ebdabd051ce64f6710c33795c1218e40f0` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 12106 etag W/"1b952-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vRf63UxScWm%2BdeFLosYMwaHgGgwiUNO7ctIAbj7ooaCdmnxToYeTGK3nyxngtwN55%2B%2BkCyv5XeDpROZlFSqexntqbHZzIb%2B%2BsxNCUi9dRBUcju5Xi8e7RuSTomj9ePXr9a5dSqim%2FBq"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd55ef4c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response postsg.sbs/socket.io/	118 B 517 B	98ms 98ms	XHR text/plain	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/socket.io/?EIO=4&transport=polling&t=P40a-67 Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/375c4ed8AsrCt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dd903daae422aa1b865155147f33e78fc750c5aed2dd8ebab43d89cadc31bc56` Request headers Accept / Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0DfM6WHUaJVRUvbz9oBn3vkfDkNseADvKaKfroZ%2BTxBPup1gZNozrOwtWpHejQyS95vVhhNaBvQjQpKoqXEEvb1c%2FSCv%2BwaMwKRhAzLlEQjUPTnjncqP4hCia8%2BJM22s3x6G8VRyWrT"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control no-store cf-ray 8ab07dd5af3dc32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	b797873fAsrCt.js Show response postsg.sbs/de/assets/	114 KB 36 KB	16ms 16ms	Script application/javascript	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/b797873fAsrCt.js Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `da5926ca7534438b698128e2ea8ec1f313f91f0f2697e007f004c6d146f822aa` Request headers Referer Origin https://postsg.sbs User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7415 etag W/"1c9ab-18fc34637b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJOPuPICat0H0FG0HRB1Qm7G5qBUqk%2FCoV6VITLW5FZ7Ae5PQdEQwz7XY%2FSCdCs8iIyRGK66xQQUVhCaX5JxH89LDFM5MBP8ZOl%2FYfxYbHJ06kF2SgaoLSTV439QQKFyDXeQJjrLmxAY"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd5bf45c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	f4397cedTb8FG.css postsg.sbs/de/assets/	400 B 703 B	17ms 17ms	Stylesheet text/css	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://postsg.sbs/de/assets/f4397cedTb8FG.css Requested by Host: postsg.sbs URL: https://postsg.sbs/de/assets/index-601fab58.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2875 etag W/"190-18fc3462810" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WV3R2%2BifX6wut%2FYdZUA734ztUc6wTfs%2B97MDHWG%2FWkqH79qHSQADdOE4OFx6l0h%2FmEl5RJnCDWzEEbcjneronhr2qrUFmaeCsYoIaYz0jzWtLGdWn9pQAT0Z10Pda9v1gqEAnC%2FDwO9B"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd5bf46c32c-EWR alt-svc h3=":443"; ma=86400
GET H3	200	39.svg postsg.sbs/de/layout/images/	904 B 811 B	20ms 19ms	Image image/svg+xml	2606:4700:3036::ac43:bde2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://postsg.sbs/de/layout/images/39.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:bde2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a6b35b6b7cabb9d33c2e1d6afef2d5f546a2fd3912f5f3e96495cd64218b9251` Request headers Referer https://postsg.sbs/de/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 29 Jul 2024 22:19:37 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 May 2024 07:35:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2875 etag W/"388-18fc34610a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N8QZaXFM2BTPC5Pyibpe4k6CmzOD%2BrZbvjQXnFFXKKhUd3EFb7OgXTAp0UbwnrGlrvoAWq7ZghFtFDdcNHY2bLiwBtIQ5mT%2F0wzyBDcn8tJF72SgwNP%2FKZ8NfcVbGKQCW6jxhG0SX9R%2B"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=86400 cf-ray 8ab07dd62fbac32c-EWR alt-svc h3=":443"; ma=86400

postsg.sbs Open in urlscan Pro 2606:4700:3036::ac43:bde2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

617 kBTransfer

1462 kBSize

0 Cookies

97 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

postsg.sbs Open in urlscan Pro
2606:4700:3036::ac43:bde2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

617 kB
Transfer

1462 kB
Size

0
Cookies

35 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!