www.posty.blutu.xyz Open in urlscan Pro
89.105.164.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.posty.blutu.xyz/
Submission: On August 07 via automatic, source certstream-suspicious (August 7th 2024, 1:06:48 pm UTC) — Scanned from AT

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 89.105.164.46, located in Schwaz, Austria and belongs to STW-SCHWAZ-AS, AT. The main domain is www.posty.blutu.xyz.
TLS certificate: Issued by E5 on August 2nd 2024. Valid for: 3 months.

This is the only time www.posty.blutu.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	89.105.164.46 89.105.164.46	39555 (STW-SCHWA...) (STW-SCHWAZ-AS)
1	104.18.19.62 104.18.19.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.22.20.144 104.22.20.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	6

5 89.105.164.46 (Schwaz, Austria)

ASN39555 (STW-SCHWAZ-AS, AT)
PTR: node-pt089-105-164-046.infra.schwaz.net

www.posty.blutu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redactyl.blutu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.62 (None, )

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.20.144 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3618 ka-f.fontawesome.com — Cisco Umbrella Rank: 7493	35 KB
5	blutu.xyz www.posty.blutu.xyz redactyl.blutu.xyz	78 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 23119	110 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	31 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	9 KB
13	5

	Domain	Requested by
4	ka-f.fontawesome.com	kit.fontawesome.com
3	www.posty.blutu.xyz	www.posty.blutu.xyz
2	cdn.tailwindcss.com	1 redirects redactyl.blutu.xyz
2	redactyl.blutu.xyz	www.posty.blutu.xyz redactyl.blutu.xyz
1	code.jquery.com	www.posty.blutu.xyz
1	cdn.jsdelivr.net	www.posty.blutu.xyz
1	kit.fontawesome.com	www.posty.blutu.xyz
13	7

This site contains no links.

Subject Issuer	Validity	Valid
posty.blutu.xyz E5	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
ka-f.fontawesome.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
redactyl.blutu.xyz E5	`2024-07-20` - `2024-10-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.posty.blutu.xyz/
Frame ID: 1450662F1B8C8238CA5ED3329DBC48F9
Requests: 10 HTTP requests in this frame

Frame: https://redactyl.blutu.xyz/?trackingnumber=
Frame ID: B54DC76CA7661C681E6F9009552E7FAC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Posty

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

261 kB
Transfer

777 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.4.5

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.posty.blutu.xyz/ 5 KB
2 KB 192ms
56ms Document
text/html 89.105.164.46
STW-SCHWAZ-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.posty.blutu.xyz/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 89.105.164.46 Schwaz, Austria, ASN39555 (STW-SCHWAZ-AS, AT),
Reverse DNS: node-pt089-105-164-046.infra.schwaz.net
Software: LiteSpeed /
Resource Hash: d3785747212f180facda5ef4e1d9e5193aea2896801038ac966dce7b55848422

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 07 Aug 2024 13:06:41 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 output.css
www.posty.blutu.xyz/dist/ 84 KB
13 KB 70ms
69ms Stylesheet
text/css 89.105.164.46
STW-SCHWAZ-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.posty.blutu.xyz/dist/output.css
Requested by: Host: www.posty.blutu.xyz
URL: https://www.posty.blutu.xyz/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 89.105.164.46 Schwaz, Austria, ASN39555 (STW-SCHWAZ-AS, AT),
Reverse DNS: node-pt089-105-164-046.infra.schwaz.net
Software: LiteSpeed /
Resource Hash: 0c047c7f8fd27557b125913d239192875f5d9940c21bae0b12fd2f402b57ae13

Request headers

Referer: https://www.posty.blutu.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:06:41 GMT
content-encoding: br
last-modified: Tue, 05 Mar 2024 16:26:00 GMT
server: LiteSpeed
etag: "14f1b-65e74798-100475;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 12844
expires: Wed, 14 Aug 2024 13:06:41 GMT

GET
H2 200 e6606df23f.js Show response
kit.fontawesome.com/ 13 KB
5 KB 700ms
649ms Script
text/javascript 104.18.19.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e6606df23f.js
Requested by: Host: www.posty.blutu.xyz
URL: https://www.posty.blutu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 292af1d5455228d28f63c967b7b5d3e32c262e373dc9d379329489c9d97f306e

Request headers

Referer: https://www.posty.blutu.xyz/
Origin: https://www.posty.blutu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:06:43 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8af77c4accb2c2ac-VIE
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F-l0HbgLlDSYUH7oK6Wh

GET
H2 200 alpine.min.js Show response
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.x.x/dist/ 26 KB
9 KB 66ms
19ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.x.x/dist/alpine.min.js

Requested by

Host: www.posty.blutu.xyz
URL: https://www.posty.blutu.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dfbc6f14aa1ece087d34da8e25c9bc329b4a6d3757f87748ca4b5319c8a01d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.posty.blutu.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 07 Aug 2024 13:06:43 GMT
x-content-type-options: nosniff
content-encoding: br
age: 33917
x-jsd-version: 2.8.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8356
x-served-by: cache-fra-eddf8230038-FRA, cache-vie6334-VIE
x-jsd-version-type: version
etag: W/"6969-PYk6WU7wXAXPX7qrRZSTVytMicQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 70ms
19ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.posty.blutu.xyz
URL: https://www.posty.blutu.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://www.posty.blutu.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:06:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1463742
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-vie6383-VIE
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1723036003.006328,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 17, 544010

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 94 KB
22 KB 80ms
45ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=e6606df23f
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6606df23f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221

Request headers

Referer: https://www.posty.blutu.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:06:43 GMT
content-encoding: gzip
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
server: cloudflare
etag: W/"4ca760f49cd8a14911c81e6c14328874"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BefWRUleFYygydH5%2F%2BWSCAahjGt%2F6DXxksNjV4V1YK%2FbAFVHdgC0Ww8Yq2cJKFt86wR92yM%2BdwZ9Q7j43UUK31ohF92vavnpP3xJHTC47wnUbHGVR%2B53uAY2TtOROx0pZszQGli9wg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8af77c4f184ec304-VIE
access-control-allow-headers: fa-kit-token
x-amz-cf-id: nY8lx5OBkWUOm_D5OYfiurHy7t7Qf0c4kUKpylV1E6pl99-6cCjh5A==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 27 KB
5 KB 74ms
40ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=e6606df23f
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6606df23f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c

Request headers

Referer: https://www.posty.blutu.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:06:43 GMT
content-encoding: gzip
via: 1.1 c88540a8a2d41c2f38fed4cab35cb4f0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: W/"5e5b0d8c7be5919570a305b6bc229a36"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oatkU0QZNJvkMTqmqLT0caR9ep4Fd2LlAWwqSuZO4Wa6A9neMX9PIJsoozwnQ3IxkO7WBID5oC%2BS%2FMmVHP%2F7rxzct6Tv80YEOWJ0d4kQcF81rWO0S59jrHteRGkif5qZ7%2FFAQc2zMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8af77c4f184dc304-VIE
access-control-allow-headers: fa-kit-token
x-amz-cf-id: vGyRi2oiRVy-WMik5D2HauUO4Aw5ESUHH-GIRjod4xOwkP7Xo4o1wQ==

GET
H3 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 823 B
980 B 76ms
41ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=e6606df23f
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6606df23f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01

Request headers

Referer: https://www.posty.blutu.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:06:43 GMT
via: 1.1 c88540a8a2d41c2f38fed4cab35cb4f0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: W/"8972ae5004bc634ffa6641be3960e78a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VmCmapS7wmMR0sw8gQyscP7RyqIEGnEFfokXg0VbRF6xniWM8syTRAbAnDuixW%2F3sxPD50dmrxW5UV37sIssganKKV%2BRUFlORvTvybjxbSMbV7mZxJhCl3JoJVAk17NHPaLU6Astfg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8af77c4f1850c304-VIE
access-control-allow-headers: fa-kit-token
x-amz-cf-id: JA4BQ_5kcZn9-fjNNFOyjUapAASnfPikWrPDMLOFLKvDBDNhsgrdqw==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 2 KB
1 KB 71ms
36ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=e6606df23f
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6606df23f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a

Request headers

Referer: https://www.posty.blutu.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:06:43 GMT
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: W/"a5a0c9048efb7cb5df90023064d09ba4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYrC1mKgQaA%2FUSeLQ1tzBaIJpOLbpeSMMtcIoNqbFps6cgrq0lke9POxFSRsO0aNMeBQ2qHkMxoF6k7RCh7GXTKbFRJOXYWt00OZ%2BJ3PJ%2Fn1jeMZF3nyDNL2RPio6qmFylBZmD7bHg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8af77c4f1851c304-VIE
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 6-PA4KC6VNV3JteBFY2hBEypb6pjuOhGJ35QrUBYKrIi2X9cqhnIXQ==

GET
H2 200 / Show response
redactyl.blutu.xyz/ Frame B54D 11 KB
3 KB 228ms
93ms Document
text/html 89.105.164.46
STW-SCHWAZ-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://redactyl.blutu.xyz/?trackingnumber=
Requested by: Host: www.posty.blutu.xyz
URL: https://www.posty.blutu.xyz/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 89.105.164.46 Schwaz, Austria, ASN39555 (STW-SCHWAZ-AS, AT),
Reverse DNS: node-pt089-105-164-046.infra.schwaz.net
Software: LiteSpeed /
Resource Hash: e2048ce5fb68de22c001e4fa2ae78048e396b9f536838999e8bcc45a028aadf1

Request headers

Referer: https://www.posty.blutu.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 07 Aug 2024 13:06:42 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 output.css
redactyl.blutu.xyz/ Frame B54D 12 KB
3 KB 52ms
50ms Stylesheet
text/css 89.105.164.46
STW-SCHWAZ-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://redactyl.blutu.xyz/output.css
Requested by: Host: redactyl.blutu.xyz
URL: https://redactyl.blutu.xyz/?trackingnumber=
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 89.105.164.46 Schwaz, Austria, ASN39555 (STW-SCHWAZ-AS, AT),
Reverse DNS: node-pt089-105-164-046.infra.schwaz.net
Software: LiteSpeed /
Resource Hash: e0de935f34f4aa0e5a537f39b69028b503f480fdb5b6c0fecc5e334a587d66ac

Request headers

Referer: https://redactyl.blutu.xyz/?trackingnumber=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:06:42 GMT
content-encoding: br
last-modified: Mon, 05 Feb 2024 16:23:17 GMT
server: LiteSpeed
etag: "31cd-65c10b75-101194;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3300
expires: Wed, 14 Aug 2024 13:06:42 GMT

GET
H2

200

3.4.5 Show response
cdn.tailwindcss.com/ Frame B54D
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.4.5

358 KB
110 KB

36ms
35ms

Script
text/javascript

104.22.20.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.4.5

Requested by

Host: redactyl.blutu.xyz
URL: https://redactyl.blutu.xyz/?trackingnumber=

Protocol

Server

104.22.20.144 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f0570ef81afaa4194fa4ffe80fb291971f0ce27cecd0a1100fdcb4865703364

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://redactyl.blutu.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:06:44 GMT
content-encoding: br
strict-transport-security: max-age=63072000
last-modified: Mon, 15 Jul 2024 15:34:05 GMT
x-vercel-id: cle1::iad1::rxrqj-1721057644624-6d3492af5914
cf-cache-status: HIT
age: 1978333
server: cloudflare
x-vercel-cache: MISS
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 8af77c50fab5c263-VIE

Redirect headers

date: Wed, 07 Aug 2024 13:06:43 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-vercel-id: cle1::iad1::6zp9c-1723035272158-d16bf7c6827e
server: cloudflare
age: 709
x-vercel-cache: MISS
vary: Accept-Encoding
location: /3.4.5
cache-control: max-age=14400
cf-ray: 8af77c50ca65c263-VIE
content-length: 0

GET
H3 200 logop.png
www.posty.blutu.xyz/ 56 KB
57 KB 52ms
51ms Other
image/png 89.105.164.46
STW-SCHWAZ-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.posty.blutu.xyz/logop.png
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 89.105.164.46 Schwaz, Austria, ASN39555 (STW-SCHWAZ-AS, AT),
Reverse DNS: node-pt089-105-164-046.infra.schwaz.net
Software: LiteSpeed /
Resource Hash: 97642813c9e94b8c720999c8cf41699743f74aed4751f41c877a0de2f14baa41

Request headers

Referer: https://www.posty.blutu.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:06:43 GMT
last-modified: Tue, 05 Mar 2024 15:25:33 GMT
server: LiteSpeed
etag: "e1ad-65e7396d-10133a;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 57773
expires: Wed, 14 Aug 2024 13:06:43 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.tailwindcss.com
code.jquery.com
ka-f.fontawesome.com
kit.fontawesome.com
redactyl.blutu.xyz
www.posty.blutu.xyz
104.18.19.62
104.22.20.144
151.101.2.137
151.101.65.229
172.67.139.119
89.105.164.46
0c047c7f8fd27557b125913d239192875f5d9940c21bae0b12fd2f402b57ae13
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c
292af1d5455228d28f63c967b7b5d3e32c262e373dc9d379329489c9d97f306e
2f0570ef81afaa4194fa4ffe80fb291971f0ce27cecd0a1100fdcb4865703364
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01
97642813c9e94b8c720999c8cf41699743f74aed4751f41c877a0de2f14baa41
d3785747212f180facda5ef4e1d9e5193aea2896801038ac966dce7b55848422
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a
dfbc6f14aa1ece087d34da8e25c9bc329b4a6d3757f87748ca4b5319c8a01d7f
e0de935f34f4aa0e5a537f39b69028b503f480fdb5b6c0fecc5e334a587d66ac
e2048ce5fb68de22c001e4fa2ae78048e396b9f536838999e8bcc45a028aadf1
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.posty.blutu.xyz Open in urlscan Pro 89.105.164.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

0 %IPv6

5 Domains

7 Subdomains

6 IPs

3 Countries

261 kBTransfer

777 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

www.posty.blutu.xyz Open in urlscan Pro
89.105.164.46 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

261 kB
Transfer

777 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions